Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Research and Blackmail

Posted by kdawson on from the pay-to-play dept.

harryjohnston alerts us to a story picked up by a few bloggers in the security space. A Russian security research company, Gleg, has discovered a zero-day in the latest version of RealPlayer 11. But they won't reveal details to Real, or to CERT, despite repeated requests. Details are available only to their clients who pay a lot of money for early access to such knowledge. To describe Gleg's business model Daniweb rather cautiously puts forward the word "blackmail." The story was first exposed in Ryan Nariane's Securitywach blog.

1 of 307 comments (clear)

  1. Re:But... by techno-vampire · · Score: 4, Informative
    But who does use RealPlayer anyway, that this could possibly affect?


    All the Aunt Tillies out there who use Windows because it came installed on their computers and have no idea what an operating system is. They use IE for the same reason, and when they want to hear an audio file, guess what IE tells them to install? One hint: it won't be VLC.

    --
    Good, inexpensive web hosting