Re: Vulnerabilities Market

[Michal Zalewski <lcamtuf () coredump cx>]

> There's a good survey of the 0-day vulnerabilities market with breakdowns by
> vendor including pricing, trustworthiness and friendliness posted online at
> http://unsecurityresearch.com/index.php?option=com_content&view=article&id=52&Itemid=57
> (thanks to @reversemode RT @nrathaus).

The percentages shown in the "how many times were you paid $xxx for
your bugs" questions are often 0%, 3.8%, 7.7%, or 15.4% - and nothing
in between. From this, looks like they have 26 bug sale data points,
spread across 10 bins. If so, the percentages are largely meaningless.

/mz
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave