lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 27 May 2014 15:32:18 -0400
From: Jeffrey Walton <noloader@...il.com>
To: Brandon Perry <bperry.volatile@...il.com>
Cc: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: Re: [FD] What do you think of Trollc?

On Tue, May 27, 2014 at 3:04 PM, Brandon Perry
<bperry.volatile@...il.com> wrote:
> Not even sure when the last vulnerability that caused any fluctuation in
> the stock markets was.
+!. I'm not sure it ever hurt Sony, and they've had over 40 documented
problems [0, 1, 2, et al]. Some of them were very serious from a data
security perspective.

Jeff

[0] http://attrition.org/security/rant/sony_aka_sownage.html
[1] http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426
[2] http://beta.slashdot.org/story/176757

> On Tue, May 27, 2014 at 1:49 PM, Philip Cheong <isctsf@...il.com> wrote:
>
>> From https://www.startjoin.com/trollc
>>
>> *Right now if you're a software exploit developer and you want to monetize
>> your craft to pay your rent, there's only one consistent way to do so: sell
>> your software exploits. The major customer for these are oppressive
>> governments, chiefly that of the United States. We know what the United
>> States does with software exploits: it uses them to illegally spy on its
>> own citizens, and attack peaceful nations around the world.*
>>
>> *I need your help to create a company that will ethically disclose software
>> vulnerabilities to the public. For this I need help getting the filing fees
>> necessary to incorporate a hedge fund. I want to continue bringing issues
>> in companies that put you at risk to light, and short the stocks of those
>> companies when I do so. I will only get paid when large corporations being
>> negligent get punished. This will create a structure by which security
>> researchers including myself will still make a living, only now by
>> disclosing problems instead of selling them in secret to criminal
>> governments.*

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ