Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploit Vendor Publishes Prices For Zero-Day Vulnerabilities

Posted by samzenpus on Friday November 20, 2015 @12:33AM from the paying-for-problems dept.

An anonymous reader writes: An exploit vendor published a price list for the zero-day bugs it's willing to buy. The highest paid bugs are for remote jailbreaks for iOS. Second is Android and Windows Phone. Third there are remote code execution bugs for Chrome, Flash, and Adobe's PDF Reader. This is the same company that just paid $1 million to a hacker for the first iOS9 jailbreak.

1 of 21 comments (clear)

Min score:

Reason:

Sort:

Still legal? by phishybongwaters · 2015-11-20 00:40 · Score: 4, Interesting

I'm still confused as how this exploit market is still legal. Security research has legal purposes, exploit discovery has legal purposes. But the selling of exploits on an open market seems to only have one purpose. Using those exploits for something nefarious. So on the one hand according to some, just the fact that there is torrent traffic on my network makes me a criminal..... but on the other this company can buy and sell exploits to be used to hack and attack people and it's perfectly legal? Sounds about right.