Zero-day sales not "fair" -- to researchers

Zero-day sales not "fair" -- to researchers
Robert Lemos, SecurityFocus 2007-06-01

Two years ago, Charles Miller found a remotely exploitable flaw in a common component of the Linux operating system, and as many enterprising vulnerability researchers are doing today, he decided to sell the information.

Cry me a river Mr Miller 2007-06-04
Anonymous

As far as I am concerned, iDefence and 3Com are now part of the problem rather than part of the solution. Bug bounties place a commercial incentive on exploit development with out any reliable assurances at all towards the common good.

As far as Mr. Miller's concern that government participation ...

[ more ]