>Have you e-mailed [EMAIL PROTECTED] and asked them if they want >to >make an offer? I know they've done private deals with security >researchers in the past, and trust me, they were offered a lot >more
No I have not emailed Microsoft. They are not entitled to any exlusivity. >illegal auction. I think its in your best interest to e-mail >[EMAIL PROTECTED] Illegal? Tell me what law in what country I have broken. > >1) You don't want to make as much money as you could by offering >Microsoft to buy your vulnerability in private. Like I said. MS can offer just like anyone else but they do not get any special treatment. >2) You want to be held responsible for selling an exploit which >leads >to a major incident, worm, virus outrage. The vulnerabilities I have for sale could be used in such a way but I am in no way responsible for what the purhcaser uses it for. Are bullet manufacturers responsible when someone shoots someone else? >3) Microsoft just contact the FBI and get your actual home address >from your e-mail server logs because you didn't initially offer >Microsoft to buy the exploit, and you end up getting arrested. Again. What law have I broken here? Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
