Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow.

[Chris Kuethe <chris.kuethe () gmail com>]

On 6/9/05, Mike Tremoulet <coffeemike () gmail com> wrote:
> Exploit packs, however, could be more readily copied.  Why sell it to
> the highest bidder when you could sell it to all the bidders?  That
> model relies on the sellers to more or less voluntarily adhere to a
> set of standards (Thou shalt not sell multiple copies...), which
> strikes me as difficult to enforce.

Unless one auctions off exclusive-use-for-a-period-of-time rights.
Maybe as part of the auction Dave promises to not rent the exploit to
anyone else this month. Some time during the next 8 months, $BIGVENDOR
gets tired of paying the Dave tax, fixes the problem, ships a patch to
their customers, forcing them to apply it on pain of invalidating
their support contracts. Now they don't care if the exploit is out
there, so Dave can now sell more long-term rights to more users (like
in canvas)...

It's all down to how much money does it take to make all parties
minimally pissed-off.

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave