Computer Crime Research Center


Hackers and brokers

Date: July 11, 2007

But Dave Aitel, chief technology officer of another vulnerabilities broker called Immunity, says that security professionals will never be able to offer hackers as much money for software bugs as the bad guys. "It's hard to say no if the black market offers you $300,000," Aitel says. "But with us, at least you get a fair valuation and you know that we're bound by the law. The mafia tends to break your knees if they want a cheaper price."

In the eyes of some security professionals, Immunity and Netragard themselves are far from saintly: Neither company reports all of its vulnerabilities to the software's manufacturer upon acquiring them, since doing so would devalue the bugs they purchase. In other words, the vulnerabilities they buy often stay vulnerable, and so do the software's users.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo