| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jan 2014 17:59:45 +0000
From: Dan Ballance <tzewang.dorje@...il.com>
To: Valdis Kletnieks <Valdis.Kletnieks@...edu>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: EE BrightBox router hacked - bares all if you
ask nicely
So really there's nothing to do then. We just have to accept that large
corporations will continue to roll out products with poor security and
that's the way it will always be. A good environment to make some money in
as a security consultant I guess!? If you can go in to pentest and find
some easy catches like the EE BrightBox then there's good money to be made
- and easy money at that lol ;-)
On 16 January 2014 17:48, <Valdis.Kletnieks@...edu> wrote:
> On Thu, 16 Jan 2014 14:52:37 +0000, Dan Ballance said:
>
> > Well users do care about getting hacked when it happens - so maybe they
> do
> > need to be forced to pay a little more to be secure. This also has
> benefits
> > for e-commerce and on-line banking, credit card fraud etc
>
> Actually, the entire credit card industry is build around the assumption
> that there *will* be 4-5% fraudulent transactions, and it's not
> cost-effective
> to try to reduce fraud any further (though it *is* usually worth it if
> there's a new spike of a fraud variant that is fairly easily dealt with)...
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists