Re: 0-day i hear $1000?

From: rain forest puppy (rfpat_private)
Date: Thu Oct 18 2001 - 12:23:20 PDT

  • Next message: Don Weber: "RE: 0-day i hear $1000?"

    > Then someday, Hacker L33t and L4t3 decides that they are not in it for
    > fame, but for money. So, they open a security firm (many examples e.g.
    > L0pht, Max Vision, RFP, many more).
    Um, excuse me?  Open a security firm?  Since when have I opened a security
    I work for a company that was in business before I ever published anything
    as RFP.  I've been there for years now.
    And in it for the money?  What money?  The money from writing a chapter in
    Hack Proofing your Internetwork?  That was donated to OpenBSD and Nessus.
    The money for speaking at conferences?  I haven't accepted one to date.
    The money I've made from whisker?  Well, whisker is free, so there's none
    to be had.
    I sit around an absorb myself in various security related challenges.  In
    the end, I have tools, research and information which I choose to share,
    to promote further research.
    If I was truly a sell-out, why the hell would I release my tools and
    research to the world?  It would be worth more to me as exclusive
    proprietary intellectual property used as a service to paying customers.
    Unfortunately, the world doesn't always work how everyone expects it to.
    And in the end, why should people sacrifice their lives and free time just
    to continuously pump 0day research into an industry where, if they don't
    profit from it, everyone else will?  Hell, is a security
    services company...are you saying that *every* tool you use is 100%
    developed by an employee of sensepost?
    So I've sold out because I share my research with others, but can take tools like nmap et al and use them to make a profit
    as a security service, and that's ok?
    Funny how that works.
    - rfp
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:

    This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 12:53:29 PDT