Full Disclosure mailing list archives
Re: security industry software license
From: wishi <wishi () pluto sunn de>
Date: Tue, 21 Oct 2008 19:37:53 +0200
n3td3v schrieb:
there should be a central license that people apply for to use software like metasploit.
Well. There's. It's called competence. Clueless people don't use Metasploit. Normally it doesn't lower the bar very much. Think of Core or Canvas. You can get this too, nevertheless it's expensive. Who's going to prevent Warez? - Right, no one. So if you're talking about a theoretical concept, you should face the reality: there's no software you can't get for free. And if there's, nothing prevents you from writing your own exploits. Just grab some source, and search through it. You'd be surprised how much crap you'll find.
only letting the good guys use the software for good purposes.
First build a devel, let it run, and sell the holy water. That's how it works. Without any evil approaches, we wouldn't work. Today's process of hardening needs something, which speeds it up by fear. And that's exactly what Metasploit does. It pwns incompetent management, driven by the idea to develop feature rich blaotware in no time - without caring for design, structure and security of the customers. I guess nobody who's having the good old skills needs an exploit framework. So - what's the software you're going to certify by n3rd3v license? Shellcode with 0s? :) Or some wrapper scripts? By the way: security is a market. Nothing prevents you from selling exploits at wabisabi or so. Nevertheless I wouldn't chose eBay. :) -- --__----____----- wishinet.blogspot.com just wishi - does Netninpo __--___-----_____ - http://www.gnu.org/philosophy/no-word-attachments.html - PGP ID: 0xCCCA5E74 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: security industry software license, (continued)
- Re: security industry software license n3td3v (Oct 14)
- Re: security industry software license Michael Simpson (Oct 14)
- Re: security industry software license n3td3v (Oct 14)
- Re: security industry software license Ureleet (Oct 21)
- Re: security industry software license Freeman Y. (Oct 12)
- Re: security industry software license Garrett M. Groff (Oct 14)
- Re: security industry software license Valdis . Kletnieks (Oct 13)
- Re: security industry software license Buhrmaster, Gary (Oct 13)
- Re: security industry software license M . B . Jr . (Oct 13)
- Re: security industry software license n3td3v (Oct 10)
- Re: security industry software license Glenn.Everhart (Oct 10)
- Re: security industry software license n3td3v (Oct 10)
- Re: security industry software license Razi Shaban (Oct 18)