[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE

To: Mario D <phisher_hunter@xxxxxxxxx>, Roman Medina-Heigl Hernandez <roman@xxxxxxxxxxx>, Untitled <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE
From: Simon Smith <simon@xxxxxxxxxxx>
Date: Sat, 20 Jan 2007 12:16:51 -0500

Mario, 
    What Netragard is doing is in fact not nearly as naive as what you are
proposing.  In fact, what Netragard is doing will most probably help ³alarm
companies² in the future.

On 1/20/07 7:10 AM, "Mario D" <phisher_hunter@xxxxxxxxx> wrote:

> So,
>  
> Let's say I know how to bypass the alarm to your house.  Should I put it up
> for sale and not worry about who buys it or why because it is "none of my
> business"?
>  
> Its people like you who give the security profession a bad name.
>  
> Mario
> 
> ----- Original Message ----
> From: Simon Smith <simon@xxxxxxxxxxx>
> To: Roman Medina-Heigl Hernandez <roman@xxxxxxxxxxx>; Untitled
> <full-disclosure@xxxxxxxxxxxxxxxxx>
> Cc: bugtraq@xxxxxxxxxxxxxxxxx
> Sent: Thursday, January 18, 2007 2:27:06 PM
> Subject: Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR
> MORE
> 
> Oh, 
>     About your ROI question, that varies per buyer. I am not usually told
> about why a buyer needs something as that's none of my business.
> 
> On 1/18/07 4:22 AM, "Roman Medina-Heigl Hernandez" <roman@xxxxxxxxxxx>
> wrote:
> 
>> > Simon Smith escribió:
>>> >> Amen!
>>> >>     KF is 100% on the money. I can arrange the legitimate purchase of >>>
most
>>> >> working exploits for significantly more money than iDefense, In some
>>> cases
>>> >> over $75,000.00 per purchase. The company that I am working with has a
>>> >> relationship with a legitimate buyer, all transactions are legal. If
>>> you're
>> > 
>> > <naive>
>> > 
>> > I was wondering which kind of (legal) enterprises/organizations would pay
>> > $75000 for a simple (or not so simple) exploit.
>> > - governmental organizations (defense? DoD? FBI? ...)
>> > - firms offering high-profiled pen-testing services?
>> > - ... ?
>> > 
>> > What about the ROI for such investment?
>> > 
>> > </naive>
>> > 
>> > Regards,
>> > -Roman
>> > 
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
> 
> 
> 
> Everyone is raving about the all-new Yahoo! Mail beta.
> <http://us.rd.yahoo.com/evt=45083/*http://advision.webevents.yahoo.com/mailbet
> a>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE
  - From: Mario D

Prev by Date: [Full-disclosure] Atom Database
Next by Date: Re: [Full-disclosure] Wikipedia and Pedophilia
Previous by thread: Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE
Next by thread: [Full-disclosure] Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability
Index(es):
- Date
- Thread