> Then someday, Hacker L33t and L4t3 decides that they are not in it for > fame, but for money. So, they open a security firm (many examples e.g. > L0pht, Max Vision, RFP, many more). Um, excuse me? Open a security firm? Since when have I opened a security firm? I work for a company that was in business before I ever published anything as RFP. I've been there for years now. And in it for the money? What money? The money from writing a chapter in Hack Proofing your Internetwork? That was donated to OpenBSD and Nessus. The money for speaking at conferences? I haven't accepted one to date. The money I've made from whisker? Well, whisker is free, so there's none to be had. I sit around an absorb myself in various security related challenges. In the end, I have tools, research and information which I choose to share, to promote further research. If I was truly a sell-out, why the hell would I release my tools and research to the world? It would be worth more to me as exclusive proprietary intellectual property used as a service to paying customers. Unfortunately, the world doesn't always work how everyone expects it to. And in the end, why should people sacrifice their lives and free time just to continuously pump 0day research into an industry where, if they don't profit from it, everyone else will? Hell, sensepost.com is a security services company...are you saying that *every* tool you use is 100% developed by an employee of sensepost? So I've sold out because I share my research with others, but sensepost.com can take tools like nmap et al and use them to make a profit as a security service, and that's ok? Funny how that works. - rfp
This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 13:21:39 PDT