Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: how to sell and get a fair price
From: Źmicier Januszkiewicz <gauri () tut by>
Date: Thu, 10 Jan 2013 19:04:22 +0100

Hey Mikhail,

Nice idea! Although it does not fit very well with "Information must be
free" principle I feel we all love and care about.

That aside, there are a few key stones missing in your arc, namely --
quality and trust. Nobody wants to pay for crap, you know, and right now I
just don't see how this trust and quality level could be established in
your project. I wouldn't pay j0nnyh4x0r for something I cannot read (and
allowing to read the info before buying just kills the whole point, isn't
it? Read-fix-release... no money spent), and for well-known and trustworthy
persons... why not just hire them and be happy?

So let's see how you would patch this vulnerability in your idea! ;-)

P.S. No offense intended.

Cheers,
Ź.

2013/1/10 Mikhail A. Utin <mutin () commonwealthcare org>

** **

List,****

Here is the link to Information Security Magazine issue with “Market for
vulnerability information grows – Cashing on Zero-day exploits” for your
information.****

I once shared my idea that ZDI is not right way to go. It should be a
market place (web portal) for selling vulnerabilities based on action
price. Like eBay. That would be the place to get fair price for your hard
work and skills. I would like to see HP and MS betting on 0-days. After
all,a  vulnerability and an exploit are intellectual products. Not sure
copyright could be claimed, but why not?****

** **

http://www.bitpipe.com/data/demandEngage.action?resId=1354307828_722****

** **

Enjoy****

* *

*Mikhail*****

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential
and privileged information for the use of the designated recipients named above. If you are
not the intended recipient, you are hereby notified that you have received this communication
in error and that any review, disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in error, please reply to the
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy,
please visit our Internet web site at http://www.commonwealthcare.org.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]