> the black hat could get rich by just publishing this data, no need to do anything more with it
Famous, yes, but rich? I suppose you could get a new job with a sexy title and a fat salary, but you'd probably make more money more quickly by keeping your technique a secret and selling it to somebody.
Posted Sep 2, 2011 12:04 UTC (Fri) by copsewood (subscriber, #199)
Whoever would pay you to keep a SHA1 crack as a zero day vulnerability would have to pay more than the value of all the book sales and conference keynote speech fees. Also the kind of organisations who would want you to keep this secret are likely to be more difficult to negotiate with and dangerous to your health if negotiations go wrong than book publishers and conference organisers.