Slashdot Mirror


New Site Aims To Be iTunes For Exploits

Trailrunner7 writes "It's been tried before, but NSS Labs founder Rick Moy says his company's new Exploit Hub — a store front for exploit code — can work. In an interview, he explains why the current market for exploits doesn't work for the good guys, and why zero-day exploits don't help anyone. Above-board markets for software vulnerabilities have been around for close to a decade, but previous efforts to market exploits have had mixed results. The business of selling exploits versus vulnerabilities is fraught with danger, and organizations like WabiSabiLabi have operated eBay-style marketplaces for zero-day exploits for years, but haven't seen exploit writers beating a path to their door. The need for an above-board marketplace that can compete with the black market surely exists, but getting it to work is another matter entirely."

3 of 55 comments

  1. Moy didn't say "iTunes" by BadAnalogyGuy · Score: 5, Informative

    He compared his company to "Craigslist", not "iTunes".

    I'm not sure that's the image you'd want to project for your company, but I'm not that guy.

    1. Re:Moy didn't say "iTunes" by putch · Score: 2, Informative

      There ain't no such thing as a free hooker

      --
      just because I don't care doesn't mean I don't understand!
  2. Re:What the hell by stephanruby · Score: 4, Informative

    Charging money for software you created 'with your own labor' is generally bad.

    No. Open source doesn't mean free. It never did. RMS, the GPL, they all say that you can charge for your work. Do I really need to find the citation for this? Or are you just pulling my leg?