Dailydave mailing list archives

Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow.


From: Matt Hargett <matt () use net>
Date: Thu, 09 Jun 2005 11:44:23 +0000

john blumenthal wrote:
A few years back Greg Hoglund and I explored the use of an auction model
("0bay") that would be anonymized while using a verification and reputation
model much like eBay does today.  Some of the recent webmobs resemble this
model.  Our employer at the time had us tear down the site based on legal
advice.  ;-)  I'd love to put the system back online if some sharp Stanford
lawyer interested in pro bono work and a lot of publicity might donate their
time to building legal firewalls.

I like the idea of auctioning exploits.  I think it would shift the industry
pretty radically since the market's invisible hand should be capable of
driving demand for high value exploits.  Some economic forces to consider
given, say, a package of 0day remote exploits on Oracle:

        -- would it be more economical for Oracle to QA these, sue you to avoid
disclosing, or simply purchase the exploits in an auction (effectively using
the 0bay site as an outsourced security QA service ;-) ) to take them off
the market?

I particularly liked this idea, and still do. Was this part of the ironing we did at Red Rock coffee shop in downtown Mt. View? The look on people's faces around us as we discussed was very amusing :)

Also, nice vendor shout-out ;>
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

