On Thu, Jan 10, 2013 at 9:03 AM, Mikhail A. Utin <[email protected]> wrote: > ... > I once shared my idea that ZDI is not right way to go. It should be a market > place (web portal) for selling vulnerabilities based on action price. Like > eBay.
this reasoning assumes money is the only deciding factor on when and to whom to release a vuln. some buyers represent more or less ethical implications for your work, which will in turn influence "fair price". and sometimes burning a million dollar vuln for great justice is more satisfying than all the gold in the world... ;) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
