Re: Re: 0x43434343 - talking of money...]

["Nexus" <nexus () patrol i-way co uk>]

----- Original Message ----- 
From: "Daniele Muscetta" <daniele () muscetta com>
To: <dailydave () lists immunitysec com>
Sent: Saturday, November 22, 2003 10:12 PM
Subject: [Fwd: Re: [Dailydave] 0x43434343 - talking of money...]

[socio-economic discourse elided ;-)]

> Instead of finding vulnerabilities for commercial software (that is in
> this loop of economic power where they make too much money), switch to
> find vulnerabilities for open source, free software, where the author
> does not make any money out of it, and you neither. You would be
> contributing to make that ALTERNATIVE software more secure, eventually.

Which then throws up the irony that if a commercial vuln research outfit
release an advisory on any software that is free, open source, beta or any
combination thereof, they get ridiculed and laughed at by other commercial
vuln research outfits.   This affects client perception which affects
company bottom line which affects you in the end.   Your vulnerablity, your
decision - there are compelling arguments from all sides, whether you let
that affect your decision or not is yours to make.   Wiccan Rede, Crowley or
whatever your variant is that you live by.

Cheers.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave