Dailydave mailing list archives

Re: Vulnerability Sharing Clubs

From: Adam Shostack <adam () homeport org>
Date: Fri, 4 Mar 2005 09:16:31 -0500

Sure Bob.  Could you check the oil for me, while you're at it?


On Fri, Mar 04, 2005 at 12:42:56AM -0500, Bob Noxious wrote:
| The discussion about recursive auctions and stuff is for dorks. As a
| vendor, especially a large vendor that just might not give a shit,
| would I pay a recurring $100K to pay off some security snots? Or would
| I pay a one-time $100K to arm and motivate some strung-out smack
| fiends in Brooklyn to take care of the problem for me once and for
| all?
| 
| And if I have my own 0-day to protect or sell, why wouldn't I start my
| own Vulnerability Sharing Club Extermination Club, or offer bounties
| for successfully exterminated bug hunters, especially the ones that
| are actually finding and reselling my shit? No whiteh8 bullshit here,
| just the regular honor among arms dealers. There just aren't that many
| of them, you know, and there's more than one kind of hush money.
| 
| It's coming...
| 
| -B0b
| _______________________________________________
| Dailydave mailing list
| Dailydave () lists immunitysec com
| https://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Vulnerability Sharing Clubs Bob Noxious (Mar 03)
- Re: Vulnerability Sharing Clubs cameron (Mar 04)
- Re: Vulnerability Sharing Clubs Adam Shostack (Mar 04)
- Re: Vulnerability Sharing Clubs Bruce K. Marshall (Mar 04)
  - Re: Vulnerability Sharing Clubs Andre Ludwig (Mar 04)
- <Possible follow-ups>
- RE: Vulnerability Sharing Clubs Clemens, Dan (Mar 04)