Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Research and Blackmail

Posted by kdawson on from the pay-to-play dept.

harryjohnston alerts us to a story picked up by a few bloggers in the security space. A Russian security research company, Gleg, has discovered a zero-day in the latest version of RealPlayer 11. But they won't reveal details to Real, or to CERT, despite repeated requests. Details are available only to their clients who pay a lot of money for early access to such knowledge. To describe Gleg's business model Daniweb rather cautiously puts forward the word "blackmail." The story was first exposed in Ryan Nariane's Securitywach blog.

1 of 307 comments (clear)

  1. Re:Intellectual Property by jacquesm · · Score: 0, Flamebait

    even fairer, they *did* release information, precisely one bit worth: is there an unpatched exploit in real ? the answer is 'yes'. So now all real has to do is get off it's ass and do its job *or* open source their code and we'll help them ;)

    --
    MP3 Search Engine