[ISN] Vulnerability auction launches online

From: InfoSec News (alerts@private)
Date: Mon Jul 09 2007 - 01:33:36 PDT

Forwarded from: security curmudgeon <jericho (at) attrition.org>

The one big unanswered question:

: Vulnerability auction launches online
: Published: 2007-07-06
: http://www.securityfocus.com/brief/542?ref=rss
: A group of security professionals launched this week what they hope will
: become the eBay of security research.
: The Swiss-registered company, WSLabi, boasts that its online portal will
: allow researchers to sell vulnerabilities they have discovered to
: software companies and other interested parties through an open market.
: WSLabi plans to verify the identities and claims of both the buyer and
: seller. Already, four software flaws -- including a Linux memory leak
: and a flaw in Yahoo! Messenger 8.1 -- are listed on the site and more
: than 200 people have registered, according to the firm.


Q: What guarantees will you give me about the reliability of the security
researches listed on the market place?
A: Full guarantee. Every piece of security research is carefully analyzed
and replicated in our own laboratories and eventually implemented with our
own complementary research material before being placed on the market


WSLabi is also a full service provider of security intelligence to
corporations, governments and international organizations.


Add these up and you have a company that gets full information on the
vulnerabilities, and potentially shares it with their clients and/or the
government(s), profiting heavily while "only acting as mediators" in the

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Mon Jul 09 2007 - 01:48:27 PDT