Hackers and brokers
Date: July 11, 2007Source: forbes.com
But Dave Aitel, chief technology officer of another vulnerabilities broker called Immunity, says that security professionals will never be able to offer hackers as much money for software bugs as the bad guys. "It's hard to say no if the black market offers you $300,000," Aitel says. "But with us, at least you get a fair valuation and you know that we're bound by the law. The mafia tends to break your knees if they want a cheaper price."
In the eyes of some security professionals, Immunity and Netragard themselves are far from saintly: Neither company reports all of its vulnerabilities to the software's manufacturer upon acquiring them, since doing so would devalue the bugs they purchase. In other words, the vulnerabilities they buy often stay vulnerable, and so do the software's users.
Add comment
Email to a Friend
