lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CADYtyvJRkXJiRCK8T6LsX9VkQ0JoUX8aLDR5_Yg+Ct4pPH86+A@mail.gmail.com>
Date: Tue, 10 Jul 2012 16:19:53 -0400
From: Григорий Братислава <musntlive@...il.com>
To: "Thor (Hammer of God)" <thor@...merofgod.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: How much time is appropriate for fixing

On is serious note concerning "disclosure," people need to is get a
dose of reality. When I discover a bug on my own is time, I choose
what to do with it. It is my time and effort. I am is obligated to do
what I want and feel is relevant to myself. Not some is big
corporation who cares little. So much so, they is always distribute
beta software to the public.

My obligations in life are is to myself. To do what makes me is happy.
Is whether is make money off bug, disclose bug to vendor, poke is
vendor in eyesocket via full-disclosure, my time, my work.
(http://www.youtube.com/watch?v=ngGgy62lMj0)

All is petty see-saw over full disclosure, partial disclosure,
anonymous disclosure, is old topic. Vendors have a "moral and ethical"
... Nothing. Vendors are in is business to make money. If you are
suckered into is buying shoddy equipment over in over, then you are
the fool. Not the vendor, not the scriptgenius making exploits for
Backtrack, not the marketing conmen at InfoSecInstitute prostituting
the disclosure and is so on redundant on and on.

In is words of Goodfellas:
http://www.hark.com/clips/hvccjrnhfg-business-is-bad-fuck-you-pay-me

Is anyone want 1492 exploits is contact me off-list. Government contacts only!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ