lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAExQ7u+AkrsJx+0Mn1e+cDk+F1uf-rdBQAP=UeetfresF3-UwA@mail.gmail.com>
Date: Thu, 3 Nov 2011 17:28:35 -0500
From: adam <adam@...sy.net>
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Secunia jumps on vuln reward bandwagon

"The rewards on offer will range from top-of-the range merchandise to
two major annual rewards such as free hotel accommodation and entry to
an IT security conference chosen from a list of the most popular
global security conferences"

I'm especially curious to see exactly what the merchandise is. Can you
imagine if it was coffee mugs or tshirts with Secunia's logo? "To show you
our appreciation, we're going to *let you* advertise for us!"

I think the terms of the "hotel accommodation" will also prove to be
interesting.

On Thu, Nov 3, 2011 at 1:18 PM, xD 0x41 <secn3t@...il.com> wrote:

> Their 'rewards' do not seem to justify the vulnerability/exploit research
> time.
>
> This is what ive been saying for uh, 3months now... but, do they ever?
> And also, is it better to have even one more payer, than have nothing
> atall... or sell to blackhat sites only ?
> i guess this is atleast an alternative and, maybe even a good learning
> tool for some...
> learn to never trust a person when they say "you will get great money'.
> ;)
>
>
> On 4 November 2011 05:14, Ryan Dewhurst <ryandewhurst@...il.com> wrote:
> > Their 'rewards' do not seem to justify the vulnerability/exploit
> research time.
> >
> > "The rewards on offer will range from top-of-the range merchandise to
> > two major annual rewards such as free hotel accommodation and entry to
> > an IT security conference chosen from a list of the most popular
> > global security conferences.  The latter rewards will be given for the
> > first time in January 2012.  One reward will be given to the
> > researcher who coordinates the most interesting vulnerability as
> > judged by Secunia in the form of a prize under the Most Interesting
> > Coordination Report category.  Criteria will include complexity,
> > impact, level and level of detail.  The other will be given to the
> > researcher who has been consistently coordinating correct, clearly
> > detailed vulnerability reports that are quick and easy to confirm as
> > judged by Secunia.  The researcher will be given the title, ‘Most
> > Valued Contributor’ by Secunia.  Other rewards will be continuously
> > given to researchers coordinating their discoveries through Secunia
> > based on their individual performance."
> >
> > http://secunia.com/company/blog_news/news/271
> >
> > Ryan Dewhurst
> >
> > blog www.ethicalhack3r.co.uk
> > twitter www.twitter.com/ethicalhack3r
> > projects www.dvwa.co.uk | www.webwordcount.com |
> code.google.com/p/wpscan
> >
> > On Thu, Nov 3, 2011 at 5:57 PM, Georgi Guninski <guninski@...inski.com>
> wrote:
> >> On Thu, Nov 03, 2011 at 05:46:15PM +0100, Michele Orru wrote:
> >>> -----BEGIN PGP SIGNED MESSAGE-----
> >>> Hash: SHA1
> >>>
> >>> It seems that even XSS, XSRF and SQLi are accepted...
> >>> Interesting.
> >>>
> >>> Cheers
> >>> antisnatchor
> >>>
> >>> Georgi Guninski wrote:
> >>> >
> http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/
> >>> > Secunia jumps on vuln reward bandwagon
> >>> >
> >>> > have in mind the list is "Hosted and sponsored by Secunia"
> >>> >
> >>
> >> What about alternatives?
> >>
> >> How much the hosting will cost?
> >>
> >> I remember how aleph1 sold bugtraq (including the paid posters)
> >> and i don't feel like contributing to bugtraq ver. 2.
> >>
> >> --
> >> j
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ