eBay for 0-Day Unlikely To Hack it
from the bug-juice dept
This past week, a Swiss firm launched what could be described as an eBay for zero-day security vulnerabilities, an organized marketplace where security researchers or hackers can get paid for handing over their discoveries. The idea is that this site would present an alternative to existing black markets, whereby hackers trade in information that can be used for malicious purposes. There's no doubt that the world of independent security researchers needs some help. Even those individuals that have legitimate aims can get into legal trouble, if it's felt that they overstepped some bounds in doing their research. Unfortunately, this bug marketplace isn't likely to improve the situation. Researchers will still be taking a risk anytime they do research, while those whose aims are less noble will still opt to monetize their research through shadier channels, particularly if the black market is deemed as more lucrative.