The next message in the thread gives specifics about the PS3 crack referenced in the parent:
> Disclaimer: I have personal experience with him when he took the PS3 ECDSA fail research I and the other fail0verflow folks presented at CCC, and a couple weeks later released the PS3 metldr keys obtained using our method, with zero credit or reference to us. Then Sony sued us all because they assumed we were working with him, even though we'd been careful not to actually release any crypto keys precisely to avoid giving the lawyers excuses to sue us.
> So yes, I was named as a defendant on a lawsuit with him, thanks to his antics. That wasn't a fun few months.
So, it sounds like the individual is complaining that he didn't mention them, but also complaining about Sony sueing them, and somehow manages to blame him for Sonys actions? Like Sony gave them credit they didn't want, but they want to complain about not getting the credit they didn't want?
It's as if you gave an academic lecture on a casino's vulnerability to being robbed, and then someone actually went and robbed the casino. You can be mad at the asshole who robbed the casino for two reasons; A: he's put you in hot water that you would have avoided without the robbery; B: he took credit for discovering the vulnerability (or at least didn't correct people who assumed he must be a real hotshot at casino security design)
The worst part of this critique is that it's not even true, and marcan knows better. He clearly dislikes me so much that he is willing to lie.
The symmetric half of the metldr key was obtained with a novel exploit I found. Then the asymmetric half was derived from that with the fail0verflow method.
But who really still cares about any of this, it was 13 years ago.
