Dailydave mailing list archives

Re: Faster, smashter. (fwd)

From: Thorsten Holz <thorsten.holz () gmail com>
Date: Wed, 10 Dec 2008 08:40:29 +0100

On Dec 10, 2008, at 3:19 AM, sinan.eren () immunitysec com wrote:

I would appreciate ideas to tie the value of a vulnerability to a  
premium, any
quants who do security as well ?



Rainer Böhme discussed the idea of exploit derivatives and cyber- 
insurances in a talk at CCC'05: http://events.ccc.de/congress/2005/fahrplan/events/801.en.html
There is also a paper from the Workshop on the Economics of  
Information Security (WEIS 2005), in which Böhme discusses these ideas  
in more detail: http://infosecon.net/workshop/pdf/15.pdf

Pretty interesting concept, but some obstacles need to be taken when  
implementing such a market (monoculture, correlation of attacks and  
such).

Cheers,
   Thorsten
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Re: Faster, smashter. (fwd), (continued)
- Re: Faster, smashter. (fwd) security curmudgeon (Dec 09)
- Re: Faster, smashter. (fwd) BEES INC (Dec 10)
  - Re: Faster, smashter. (fwd) Jon Passki (Dec 10)
    - Re: Faster, smashter. (fwd) BEES INC (Dec 11)
    - Re: Faster, smashter. (fwd) Jon Passki (Dec 11)
    - Robert Seacord on the CERT C Secure Coding Standard Robert Seacord (Dec 16)
    - Message not available
    - Re: Robert Seacord on the CERT C Secure Coding Standard Robert Seacord (Dec 17)
  - Re: Faster, smashter. (fwd) sinan . eren (Dec 10)
    - Re: Faster, smashter. (fwd) Matthew Wollenweber (Dec 11)
  - Re: Faster, smashter. (fwd) Robert Lemos (Dec 11)
- Re: Faster, smashter. (fwd) Thorsten Holz (Dec 10)
  - Re: Faster, smashter. (fwd) Charles Miller (Dec 11)