[Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE
Simon Smith
simon at snosoft.com
Sat Jan 20 17:16:51 GMT 2007
Mario,
What Netragard is doing is in fact not nearly as naive as what you are
proposing. In fact, what Netragard is doing will most probably help ³alarm
companies² in the future.
On 1/20/07 7:10 AM, "Mario D" <phisher_hunter at yahoo.com> wrote:
> So,
>
> Let's say I know how to bypass the alarm to your house. Should I put it up
> for sale and not worry about who buys it or why because it is "none of my
> business"?
>
> Its people like you who give the security profession a bad name.
>
> Mario
>
> ----- Original Message ----
> From: Simon Smith <simon at snosoft.com>
> To: Roman Medina-Heigl Hernandez <roman at rs-labs.com>; Untitled
> <full-disclosure at lists.grok.org.uk>
> Cc: bugtraq at securityfocus.com
> Sent: Thursday, January 18, 2007 2:27:06 PM
> Subject: Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR
> MORE
>
> Oh,
> About your ROI question, that varies per buyer. I am not usually told
> about why a buyer needs something as that's none of my business.
>
> On 1/18/07 4:22 AM, "Roman Medina-Heigl Hernandez" <roman at rs-labs.com>
> wrote:
>
>> > Simon Smith escribió:
>>> >> Amen!
>>> >> KF is 100% on the money. I can arrange the legitimate purchase of >>>
most
>>> >> working exploits for significantly more money than iDefense, In some
>>> cases
>>> >> over $75,000.00 per purchase. The company that I am working with has a
>>> >> relationship with a legitimate buyer, all transactions are legal. If
>>> you're
>> >
>> > <naive>
>> >
>> > I was wondering which kind of (legal) enterprises/organizations would pay
>> > $75000 for a simple (or not so simple) exploit.
>> > - governmental organizations (defense? DoD? FBI? ...)
>> > - firms offering high-profiled pen-testing services?
>> > - ... ?
>> >
>> > What about the ROI for such investment?
>> >
>> > </naive>
>> >
>> > Regards,
>> > -Roman
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> Everyone is raving about the all-new Yahoo! Mail beta.
> <http://us.rd.yahoo.com/evt=45083/*http://advision.webevents.yahoo.com/mailbet
> a>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070120/5e8ef768/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.