lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABgawuaJ7VWKd-eE-QcNZmBk3xC5v_KSKz8mGtDwEAhV0=XiAg@mail.gmail.com>
Date: Thu, 8 Dec 2011 10:03:04 -0500
From: Charles Morris <cmorris@...odu.edu>
To: Benji <me@...ji.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Google open redirect

Don't be strange, was I not specific enough?

I think people should be encouraged to do the work,
if they are good enough to find something that nobody else has noticed yet-
and all of these "cash for bugs" programs have me a bit annoyed.

Not offering the money for issues that they claim to offer for issues
is not only dishonest but it is discouraging to beginning researchers.

I've personally seen it happen.

On Thu, Dec 8, 2011 at 9:57 AM, Benji <me@...ji.com> wrote:
> Sorry, you think people should be making a living off reporting open
> redirect disclosure?
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ