Security researchers who find holes in software can now sell their findings to the highest bidder. An online auction house has been created to bring together those who find the loopholes with the companies that can do something about them.
In early 2006 anti-virus firm Kaspersky Labs revealed that Russian hackers had been selling the Windows WMF vulnerability for $4000. The loophole was offered for sale weeks before it was widely known about and long before Microsoft moved to close it.
The independent auction house, called WabiSabiLabi, aims to staunch the flow of vulnerabilities to the underground by giving security researchers a legitimate marketplace for what they find.
I don’t know if this will be useful or not. But, can we come with a law against any more cutesy names? One more Web 2.0 company with six vowels and I’ll vomit.
Let’s see… Auctioning info on security holes found in M$ Windows won’t do because they’re as abundant as sesame seeds.
Auctioning info on security holes found in OSX won’t do too because no one cares about OSX.
Wonder what their (WSLabi) percentage of sales is, article or website didn’t specify. Wish I’d thought of it.
There seems to be a market for anything and everything, and an abundance of those ready to spend. Microsoft has the resources sure but there is a strong wind blowing!