Wednesday, August 10, 2022

No more free bugs

Privacy activist Christopher Soghoian’s keynote at the Virus Bulletin 2012 conference in Dallas this week probed the morally ambivalent practice of selling security exploits, whether to the vendor whose systems can be compromised or to third-party government clients.
 

 

Image courtesy of Shutterstock
 
While many companies are offering bounties to those who report vulnerabilities, the sums can be piddling next to what a third-party — say, the U.S. government — might pay for the information, he said, according to this post on the Naked Security blog.
 
RELATED CONTENT
 
As Soghoian puts it, “Google and Microsoft can’t outbid the U.S. government. They will never win a bidding war with the army, navy or NSA.”
 
Interesting is the company Endgame Systems, whose Web site tells nothing about the company but simply provides an e-mail link. The company goes to great pains to keep a low profile. Its clients include the U.S. Department of Defence.
 
 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Dave Webb
Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.