Dailydave mailing list archives
Re: Announcing the Zero Day Initiative
From: Frank Knobbe <frank () knobbe us>
Date: Mon, 25 Jul 2005 20:58:29 -0500
On Tue, 2005-07-26 at 00:53 +0100, MindsX wrote:
> ... whereas this is more of a marketing ploy by 3Com to get into the 0day race against various private consultancies
I don't think that is the motivation. The motivation, I believe, is that just the fact of having such a unit can be used greatly in advertising. "Come here, prospects, we buy 0-days and can protect you from stuff others can't".

Of course there is no visibility on which exploits are really in the bag since that would be akin to unzipping your intellectual property fly. No one can verify that is indeed a valid 0-day since that information is closely guarded. Or do you think they pay money and then, in an act of sudden goodwill, give it for free to the public?

And so the client believes he gets more for free... what other choice does he have than to believe it? Potential buyers don't know, and have no means of verifying the quality or quantity of said miraculous 0-days.

What neither iDefense nor 3Com understands is that:

a) 0-days are used to embarrass/harass/tease/shame vendors by writing worms and defacing web sites or subverting services (pseudo political statements),

b) 0-days are used in hacker neighborhood turf wars, to collect and build a larger zombie army in order to defeat the rival gang in the next town (adolescent rivalry),

c) 0-days are used in interesting explorations of world-wide connected systems (perhaps in search of UFO evidence... *chuckle*) (curiosity),

d) 0-days are used to provide income either through the rent of botnets for spam distribution or DDoS assistance in the ever-so-popular extortion schemes (real profit).

Why on earth would anyone want to waste a 0-day on a company that barely pays a couple thousand for it? That's where the old, stale, used and discovered (but perhaps not publicized) 0-days go to. In essence iDefense and 3Com are trashcans that old 0-days get thrown into. You don't really think they get first-class material that is still being used for a) through d), do you? :)

And 3Com/iDefense know that. But that's okay, that's not what they want them for. It's only for marketing (see above).

Cheers,
Frank