Dailydave mailing list archives
Re: Announcing the Zero Day Initiative
From: "I)ruid" <druid () caughq org>
Date: Tue, 02 Aug 2005 15:35:10 -0500
On Tue, 2005-07-26 at 00:53 +0100, MindsX wrote:
Heck - I'm definately not gonna get into a slamming match against you - but the bottom line is that IF I am going to sell a 'sploit [yea as IF i have the R&D time].... then I might aswell get _maximum_ revenue from it...
My reply wasn't intended as the beginning of a slamming match (at least I assume this is a reply to my post, no quote?), I was just making a point, which I probably didn't make very well.
I don't disagree.... after a few beers with a few peeps that might view this list earlier tonight... it is a good thing that you can now become a professional researcher.... Bottom line tho - IF someone, with a handle and a reputation, stuck a massively interesting remote exploit up for sale on eBay - it would get /.'d and then removed :) ...
That was also kinda where I was coming from. Unless you already have the rep to back up your research, using a forum where the research is not verified by a trusted third party only serves the heavy hitters, thus creating a significant barrier to entry to the new researcher in the field. To be useful to everyone, I'm afraid a 3rd party is necessary, which opens an entirely new can of worms.
I was more refering to the free market... researchers would get 'top dollar' for their research... whereas this is more of a marketing ploy by 3Com to get into the 0day race against various private consultancies who chuck money into people not just the final product - build an army with conslutants [typo - honest!]... and at the start of the war - no one surrounds you - as the enemy will always pay more!
I agree, as I'm a capitalist myself. Having multiple buyers in direct competition in the market only helps the situation for the sellers, and also helps determine the actual value of the research that's being provided. -- I)ruid, CĀ²ISSP druid () caughq org http://druid.caughq.org
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- RE: Announcing the Zero Day Initiative, (continued)
- RE: Announcing the Zero Day Initiative Andrew R. Reiter (Jul 25)
- Re: Announcing the Zero Day Initiative Etaoin Shrdlu (Jul 25)
- Re: Announcing the Zero Day Initiative TXS (Jul 25)
- Re: Announcing the Zero Day Initiative Listas (Jul 26)
- RE: Announcing the Zero Day Initiative Evgeny Pinchuk (Jul 25)
- RE: Announcing the Zero Day Initiative David Endler (Jul 25)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)
- Re: Announcing the Zero Day Initiative I)ruid (Jul 25)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)
- Re: Announcing the Zero Day Initiative Frank Knobbe (Jul 25)
- Re: Announcing the Zero Day Initiative I)ruid (Aug 02)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)