[Dailydave] How do I defend against 0day?
Jeffrey Czerniak
jeffcz at gmail.com
Mon Apr 20 13:11:13 EDT 2009
On Mon, Apr 20, 2009 at 12:54 PM, Andre Gironda <andreg at gmail.com> wrote:
> On Mon, Apr 20, 2009 at 9:02 AM, Jeffrey Czerniak <jeffcz at gmail.com> wrote:
>> So how do I leverage this new information to make myself safer and/or
>> more secure?
>
> Is this a serious post?
>
Yes.
In the meantime, I have figured out two ways that buying access to
0day under NDA can make me more secure:
1) Switch to an open-source operating system and open-source
applications. Create custom forks of each of my applications' source
trees, and patch my forks against the 0day vulnerabilities I
purchased. Don't share my patches with the outside world.
2) Give up on computers and switch to a farming career.
(Ok, maybe #2 wasn't so serious.)
What am I missing? Dave is still in business after all these years,
which means he must have plenty of customers. I had always assumed
that the overwhelming majority of his customers are fellow pentesters,
who buy CANVAS to guarantee they can break into systems.
Are there folks on this list who buy CANVAS but who aren't pentesters?
If so, what do you get out of CANVAS?
Seriously,
Jeff
geekable.com
More information about the Dailydave
mailing list