Re: 0-day exploit..do i hear $1000?

From: Jose Nazario (joseat_private)
Date: Fri Oct 19 2001 - 09:30:50 PDT

Next message: Robert Tillman: "RE: Open Response To Microsoft Security - RE: It's Time to End In formation Anarchy"

Previous message: dullienat_private: "Re: 0-day exploit..do i hear $1000?"
In reply to: foobat_private: "Re: 0-day exploit..do i hear $1000?"
Next in thread: H C: "Re: 0-day exploit..do i hear $1000?"
Next in thread: Fyodor: "Re: 0-day exploit..do i hear $1000?"
Reply: H C: "Re: 0-day exploit..do i hear $1000?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 19 Oct 2001 foobat_private wrote:

> Why would a security firm pay someone any money at all for an exploit?

well, one reason would be to have unique information for their intrusion
detection engines or for their pen testing teams. payback is almost
immediate there.

i fully expect infosec companies to start contracting to hacking groups
for idea, exploits and info. its profitable all around, and in this era of
returning to the underground (damn, why did i use my real name this whole
time!!!) it may be what happens.

____________________________
jose nazario						     joseat_private
	      	     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
				       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Next message: Robert Tillman: "RE: Open Response To Microsoft Security - RE: It's Time to End In formation Anarchy"
Previous message: dullienat_private: "Re: 0-day exploit..do i hear $1000?"
In reply to: foobat_private: "Re: 0-day exploit..do i hear $1000?"
Next in thread: H C: "Re: 0-day exploit..do i hear $1000?"
Next in thread: Fyodor: "Re: 0-day exploit..do i hear $1000?"
Reply: H C: "Re: 0-day exploit..do i hear $1000?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 19 2001 - 10:12:11 PDT