Hi Robin, Suppose that acquiring the code requires you to agree to unfavorable terms of service hidden somewhere on the site, including agreeing to future (and possibly unwanted) scans, agreeing to allow the company to plant malware, and indemnification.
IMHO, I think auto454357 raised some valid concerns. As for the auto generated email, he/she used hushmail (instead of yahoo/hotmail/gmail), which tells me the person might not fit your classification. Jeff On Thu, Jan 7, 2010 at 11:16 AM, Robin Sage <[email protected]> wrote: > This definitely sounds like a clueless federal agent. > Especially since he uses an autogenerated email address. > Get with the program........the internet is wide open for people to scan. > > ________________________________ > From: Cody Robertson <[email protected]> > To: [email protected] > Sent: Thu, January 7, 2010 10:51:14 AM > Subject: Re: [Full-disclosure] iiscan > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 1/7/10 10:18 AM, [email protected] wrote: >> So let me see if I got this the right way. >> >> You guys are allowing an unknown company to scan for your webapps, >> being those apps business critical or not. On top of that, the >> unknown company is based on a country where government supports >> acts of electronic espionage against other nations, mainly those >> where you guys are based. >> >> Is this correct? or am I missing something? >> >> [SNIP] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
