Dailydave mailing list archives

Vulnerability Sharing Clubs

From: Bob Noxious <b.noxious () gmail com>
Date: Fri, 4 Mar 2005 00:42:56 -0500

The discussion about recursive auctions and stuff is for dorks. As a
vendor, especially a large vendor that just might not give a shit,
would I pay a recurring $100K to pay off some security snots? Or would
I pay a one-time $100K to arm and motivate some strung-out smack
fiends in Brooklyn to take care of the problem for me once and for
all?

And if I have my own 0-day to protect or sell, why wouldn't I start my
own Vulnerability Sharing Club Extermination Club, or offer bounties
for successfully exterminated bug hunters, especially the ones that
are actually finding and reselling my shit? No whiteh8 bullshit here,
just the regular honor among arms dealers. There just aren't that many
of them, you know, and there's more than one kind of hush money.

It's coming...

-B0b
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Vulnerability Sharing Clubs Bob Noxious (Mar 03)
- Re: Vulnerability Sharing Clubs cameron (Mar 04)
- Re: Vulnerability Sharing Clubs Adam Shostack (Mar 04)
- Re: Vulnerability Sharing Clubs Bruce K. Marshall (Mar 04)
  - Re: Vulnerability Sharing Clubs Andre Ludwig (Mar 04)
- <Possible follow-ups>
- RE: Vulnerability Sharing Clubs Clemens, Dan (Mar 04)