+1 They are not the only ones. There is another outfit that has done this for years with firewalls. They are called matousec and run the sam kind of racket where one has to pay for the "vulnerabilities" they find. More over, it looks like they make money from the links they provide to vendors. Caveat Emptor.
http://www.matousec.com/projects/proactive-security-challenge/results.php Questionable at best and blackmail if you want to call it that. Stu ________________________________ From: Michael B. Smith [mailto:[email protected]] Sent: Tuesday, May 10, 2011 8:44 AM To: NT System Admin Issues Subject: RE: More cracker fun! While Google itself (well, in the person of Tavis) is famous for not responsibly disclosing vulnerabilities it finds, Vupen's work strikes me as downright (let me make clear - this is my opinion) criminal. They have determined a critical security vulnerability and they don't intend to share it with anyone EXCEPT their paying customers? Not even with the vendor? I consider that negligent, at best. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: [email protected] [mailto:[email protected]] Sent: Tuesday, May 10, 2011 8:39 AM To: NT System Admin Issues Subject: More cracker fun! Google Chrome, "current version" (as of this morning, 10-MAY-2011, version 11.0.696.65), all version of Windows, both 32- and 64-bit, an exploit has been found whereby malicious code can "break out of the sand box": http://news.cnet.com/8301-27080_3-20061269-245.html?tag=mncol;txt -- richard ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
