Dailydave mailing list archives
Re: Vulnerability Sharing Clubs
From: "Bruce K. Marshall" <bkmlstsgohere () comcast net>
Date: Fri, 4 Mar 2005 11:43:27 -0600
Not that I grant your message much seriousness, but why would they want to pay $100K to engage in criminal activities? They could pay $100K to lawyers who would then invoke the DMCA or other legal tools to achieve more meaningful results.
---- Bruce K. Marshall - bkmarshall () passwordresearch com Chief Scientist - Password Research Institute----- Original Message ----- From: "Bob Noxious" <b.noxious () gmail com>
To: <dailydave () lists immunitysec com> Sent: Thursday, March 03, 2005 11:42 PM Subject: [Dailydave] Vulnerability Sharing Clubs
The discussion about recursive auctions and stuff is for dorks. As a vendor, especially a large vendor that just might not give a shit, would I pay a recurring $100K to pay off some security snots? Or would I pay a one-time $100K to arm and motivate some strung-out smack fiends in Brooklyn to take care of the problem for me once and for all? And if I have my own 0-day to protect or sell, why wouldn't I start my own Vulnerability Sharing Club Extermination Club, or offer bounties for successfully exterminated bug hunters, especially the ones that are actually finding and reselling my shit? No whiteh8 bullshit here, just the regular honor among arms dealers. There just aren't that many of them, you know, and there's more than one kind of hush money. It's coming...-B0b
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Vulnerability Sharing Clubs Bob Noxious (Mar 03)
- Re: Vulnerability Sharing Clubs cameron (Mar 04)
- Re: Vulnerability Sharing Clubs Adam Shostack (Mar 04)
- Re: Vulnerability Sharing Clubs Bruce K. Marshall (Mar 04)
- Re: Vulnerability Sharing Clubs Andre Ludwig (Mar 04)
- <Possible follow-ups>
- RE: Vulnerability Sharing Clubs Clemens, Dan (Mar 04)