This is the gov world though, where the interesting information is things like your address book, your emails (the content as well as the senders/recipients), your private keys and passwords, etc. etc. Client sides…
It just means that the seller is incentivized to minimize the number of people that know about the vulnerability. Which is effectively what "exclusivity" actually means, at least in this case. As an additional point, if…
Cydia (the gray market app store) generates over a million dollars a year in revenue. The operation of this store, and thus its revenue stream, is entirely dependent on jailbroken iOS devices. Thus, there is a business…
As mentioned elsewhere, generally the payment is spread out over months, contingent on the seller keeping their side of the bargain. And the second query describes the business practices of many defense contractors who…
On a related note re: client vs. server. Taking a recent incident that was in the news, when the Brits pwned a pro AQ forum. From that vantage point, the best thing they can do is to target the admins, moderators and…
s/sellers/vendors/ ... lets not forget who created the bugs in the first place, then failed to find and removed them, and finally shipped a dangerously malfunctioning product! (Alien Invaders from Mars --…
A lot of existing capability combined with minimal utility (Linux market share is a rounding error). There is basically no interest.
Consider the possibility that governments can create their own exploits. If they have a large quantity of server side bugs the marginal utility of one more is effectively 0. It is safe to assume that they have existing…
Could you explain your reasoning a bit more? I am not following from "individual invests thousands of hours into their passion; some are compensated for their work by people who value their skills; those individuals are…
The more public the market is, the less effective it is. WabiSabiLabi tried (and failed) to create an eBay for exploits years ago. The item of value is the information, not necessarily the code. As such, the more…
This is the gov world though, where the interesting information is things like your address book, your emails (the content as well as the senders/recipients), your private keys and passwords, etc. etc. Client sides…
It just means that the seller is incentivized to minimize the number of people that know about the vulnerability. Which is effectively what "exclusivity" actually means, at least in this case. As an additional point, if…
Cydia (the gray market app store) generates over a million dollars a year in revenue. The operation of this store, and thus its revenue stream, is entirely dependent on jailbroken iOS devices. Thus, there is a business…
As mentioned elsewhere, generally the payment is spread out over months, contingent on the seller keeping their side of the bargain. And the second query describes the business practices of many defense contractors who…
On a related note re: client vs. server. Taking a recent incident that was in the news, when the Brits pwned a pro AQ forum. From that vantage point, the best thing they can do is to target the admins, moderators and…
s/sellers/vendors/ ... lets not forget who created the bugs in the first place, then failed to find and removed them, and finally shipped a dangerously malfunctioning product! (Alien Invaders from Mars --…
A lot of existing capability combined with minimal utility (Linux market share is a rounding error). There is basically no interest.
Consider the possibility that governments can create their own exploits. If they have a large quantity of server side bugs the marginal utility of one more is effectively 0. It is safe to assume that they have existing…
Could you explain your reasoning a bit more? I am not following from "individual invests thousands of hours into their passion; some are compensated for their work by people who value their skills; those individuals are…
The more public the market is, the less effective it is. WabiSabiLabi tried (and failed) to create an eBay for exploits years ago. The item of value is the information, not necessarily the code. As such, the more…