[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] how to sell and get a fair price

To: "Mikhail A. Utin" <mutin@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] how to sell and get a fair price
From: coderman <coderman@xxxxxxxxx>
Date: Thu, 10 Jan 2013 11:53:20 -0800

On Thu, Jan 10, 2013 at 9:03 AM, Mikhail A. Utin
<mutin@xxxxxxxxxxxxxxxxxxxx> wrote:
> ...
> I once shared my idea that ZDI is not right way to go. It should be a market
> place (web portal) for selling vulnerabilities based on action price. Like
> eBay.

this reasoning assumes money is the only deciding factor on when and
to whom to release a vuln.  some buyers represent more or less ethical
implications for your work, which will in turn influence "fair price".

and sometimes burning a million dollar vuln for great justice is more
satisfying than all the gold in the world... ;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] how to sell and get a fair price
  - From: Mikhail A. Utin

Prev by Date: [Full-disclosure] Websitebaker Add-on 'Concert Calendar 2.1.4' XSS & SQLi vulnerability
Next by Date: [Full-disclosure] [CVE-2012-5616] Apache CloudStack information disclosure vulnerability
Previous by thread: [Full-disclosure] how to sell and get a fair price
Next by thread: Re: [Full-disclosure] how to sell and get a fair price
Index(es):
- Date
- Thread