On Wed, 27 Jul 2005, Adam Jones wrote: > What exactly is wrong with this? I personally would rather have 3com > buying up exploits (probably under an agreement for exclusive access) > instead of having them sold to the highest, probably malicious, > bidder.
Your argument amounts to "The lesser of two evils", which is NOT the same as ethical behaviour. > Even if someone sells it to both there is a more reputable > group that has the exploit and can help with mitigation. "Reputable"? I'm sorry, we must have different opinions as to what constitutes "reputable". A "reputable" company does not encourage the writing of malware for money, or the withholding of information from the community (FD) in exchange for mere personal gain. -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF "A stock broker is someone who handles your money until its all gone." Diana Hubbard (of Scientology fame) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
