Josh Goldstein on 8 Feb 2008 05:53:07 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] The Vulnerabilites Business....?


Would you say an architect that found a flaw in the design of a new building and sells that information back to the designer or the company that built the building is evil? 
I wouldn't.  I think it'd be worse to ignore a design flaw.
I'd even go so far as to say that if you make it public that a specific flaw exists, then it's the users' responsibility to not use such a product, or to use it with care, so it's not evil to sell the information to third parties, especially if you first offer to sell it to the original designer.
I'd say it's already broken or not once it's been written, and that the work the hackers are doing is free research, a free examination or inspection.  They're putting time and effort into things without any guarantee of a payoff.  Them just letting people know a flaw exists is helping people out.  I couldn't even go to a doctor's office and get a free checkup.  I'm pretty sure the Geek Squad doesn't do free computer exams, either. :)
 
----- Original Message ----
From: Brian Vagnoni <bvagnoni@v-system.net>
So what do people think about individuals/companies that specialize in breaking other peoples software for the purpose of selling the info for profit either back to the software manufacturer or other interested parties.


Never miss a thing. Make Yahoo your homepage.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug