Researchers: Flaw auctions would improve security

Researchers: Flaw auctions would improve security
Robert Lemos, SecurityFocus 2005-12-15

The auction may have set a record price for a highlighter pen and an 8-by-11-inch sheet of paper.

Researchers: Flaw auctions would improve security 2005-12-16
Sean (2 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-18
Ano (1 replies)

Re: Re: Researchers: Flaw auctions would improve security 2005-12-21
Sean

Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous (1 replies)

I completely disagree with the idea that vulnerability information should be auctioned off, because if this flaw is not picked up by the software vendor and does fall into the wrong hands, then many "innocent" users are to suffer.

On the contrary to this I believe that software vendors should be VERY heavily fined for each vulnerability exposed. (With a good portion of this fine going to the researcher who discovered it.) This would mean the incentive was directly linked to where it counts....finance. At the same time there is less risk of information on a Vulnerability falling into dangerous hands.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11364/32891#32891

Re: Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous

Researchers: Flaw auctions would improve security 2005-12-18
Anonymous (2 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-19
rusga

Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous (1 replies)

Re: Re: Researchers: Flaw auctions would improve security 2005-12-20
Anonymous

Researchers: Flaw auctions would improve security 2005-12-20
Bill Barlowe (1 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-29
Anonymous

Researchers: Flaw auctions would improve security 2005-12-21
Howard Israel