Vulnerability Development mailing list archives
Re: 0-day exploit..do i hear $1000?
From: "bacano" <bacano () esoterica pt>
Date: Sun, 21 Oct 2001 10:35:18 +0100
hi2all I suppose that all this have to do just with semantics, like other discutions around ... while some had learned that the internet is (was) a cooperative network, where it's possible to get so much information to the point that (somehow of) free contribution is a duty, others learned from the begining that internet is (but wasn't) a commercial network. While the 1st's start to get jobs and money out of this, and in the other hand continue to contribute for free, the 2nd's start to get money and jobs from the begining. The 1st's will never accept that the 2nd's are on this just for money, while the 2nd's will never understand why others have a passion in contribute for free. I suppose that using a nickname while doing things for free, and using a real name while doing things for money, is a nice way to show that some still beleave that internet may be (stay) a cooperative network, while getting money for pizzas it's a all diferent issue. But still people will not understand that getting money out of passion it's a all diferent business, even if much older ... I hope it will be cooperative also some day :> [ ]'s bacano ----- Original Message ----- From: "security curmudgeon" <jericho () attrition org> To: "RT" <roelof () sensepost com> Cc: "rain forest puppy" <rfp () wiretrip net>; <pen-test () securityfocus com>; <vuln-dev () securityfocus com> Sent: Sunday, October 21, 2001 3:01 AM Subject: Re: 0-day exploit..do i hear $1000?
+If I was truly a sell-out, why the hell would I release my tools and +research to the world? It would be worth more to me as exclusive +proprietary intellectual property used as a service to paying
customers.
RFP, the way I see this business is like this. You do your job, try to
do it
better that the dude next door, build cutting edge technology, release
it to
the public (as its stupid to think that no-one else will get it anyhow)
and use
it to get your company name out there, while you contributing to the
industry
as a whole. Does that mean selling out? I hope not.Can you quote one time where RFP releases a tool/paper etc, and mentions his real name or company name? When you fail to do that, rethink this part of your argument. It is the same with Attrition.org and our mirror. Yes, we could have profited from it, used it to get security work, or whatever else. But that isn't why we sunk so much time and effort into it.
Current thread:
- Re: 0-day exploit..do i hear $1000?, (continued)
- Re: 0-day exploit..do i hear $1000? Fyodor (Oct 18)
- Message not available
- RE: 0-day exploit..do i hear $1000? Scoubidou (Oct 18)
- Re: 0-day exploit..do i hear $1000? Joe G. (Oct 18)
- RE: 0-day exploit..do i hear $1000? Ron DuFresne (Oct 18)
- RE: 0-day exploit..do i hear $1000? Scoubidou (Oct 18)
- Re: 0-day exploit..do i hear $1000? dullien (Oct 19)
- Re: 0-day exploit..do i hear $1000? rain forest puppy (Oct 18)
- Re: 0-day exploit..do i hear $1000? RT (Oct 18)
- RE: 0-day exploit..do i hear $1000? Steve (Oct 18)
- RE: 0-day exploit..do i hear $1000? (a net admins 2 cents) leon (Oct 20)
- Re: 0-day exploit..do i hear $1000? security curmudgeon (Oct 20)
- Re: 0-day exploit..do i hear $1000? bacano (Oct 21)
- Re: 0-day exploit..do i hear $1000? RT (Oct 18)
- Re: 0-day exploit..do i hear $1000? foob (Oct 19)
- Re: 0-day exploit..do i hear $1000? Jose Nazario (Oct 19)
- Re: 0-day exploit..do i hear $1000? H C (Oct 19)
- Re: 0-day exploit..do i hear $1000? Thiago Conde Figueiro (Oct 19)
- Re: 0-day exploit..do i hear $1000? Pedro Miller Rabinovitch (Oct 19)
- Re: 0-day exploit..do i hear $1000? foob (Oct 20)
- Re: 0-day exploit..do i hear $1000? H C (Oct 20)