Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow.

[Pete Herzog <lists () isecom org>]

> Exploit packs, however, could be more readily copied.  Why sell it to
> the highest bidder when you could sell it to all the bidders?  That
> model relies on the sellers to more or less voluntarily adhere to a
> set of standards (Thou shalt not sell multiple copies...), which
> strikes me as difficult to enforce.
>
>  
If I remember correctly, they use to auction off items where there were
many of the same, like for instance, jars of jam, at the county fair. 
What they did was auction off the one which set the price for all of
them.  So each buyer then had to pay the same final bid price.  Any left
over would get auctioned again the next day, starting the auction again
and not keeping the price from the day before (the auctioneer had an
idea though about where to start the bidding however).  Some shop owners
would go to the auction and buy the lot to resell at his/her own store. 
The sale price in the store reflected the auction price plus mark-up.

Not quite the same but not far off.  Only difference is that since it's
IP, the re-seller can price it so that enough buyers cover his original
cost of the auction item as there is no lot to buy- just 1- and the
resale volume is already his.  This would hurt the re-auction the next
day.  So resale limitation can only be legally enforced and not
physically as well as there being a time limit requirement between when
all the people buy at the auction price and when the auction is closed
and same exploit will not be re-auctioned.

-pete.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave