lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 Dec 2009 02:37:42 +0000
From: Shyaam <>
Subject: Re: IE 0day for sale

:) Good one Valdis. That is what I was exactly trying to do.

#1. If his intent was good, he would have sent it to the vendor and to the
US Cert.
#2. His aim is to get money:
      a. Instead of selling it directly to black market and not getting any
returns, or having some legal agency stepping onto his doors he could as
well sell it to these companies.
      b. These companies DO NOT sell stuff to BLACK MARKET. Straighten your
facts before you accuse any of the below:
zdi,idefense,securiteam,immunity,etc. They have better things to do than to
sell it off to the bad guys.

Besides, many people have that kind of a notion only because there are many
hollywood movie fanatics out there, who suspect every single entity around

Thanks for your creative response though :). You really cracked me up :)


On Sat, Dec 12, 2009 at 2:31 AM, <> wrote:

> On Fri, 11 Dec 2009 20:13:52 EST, Jeff Williams said:
> > zdi,idefense,securiteam,immunity,etc is a front, your exploit will
> anyways
> > end up on the blackmarket by selling it to theses company.
> > How can you be that naive ?
> You're talking to somebody willing to sell to the highest bidder on F-D.
> Draw your own conclusions about whether they actually care if it ends up on
> the black market.

Content of type "text/html" skipped

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists