Author Topic: Security Firm keeps an eye on the bottom line!  (Read 975 times)

Offline gunug

  • TS Addict
  • *****
  • Posts: 6710
  • TS Palindrome
    • View Profile
Security Firm keeps an eye on the bottom line!
« on: April 01, 2012, 11:43:13 AM »
Apparently according to the Electronic Frontier Foundation and some research for Forbes magazine there are some computer security companies that aren't reporting open exploits to keep the money coming in:

QUOTE
France-based VUPEN is one of the highest-profile firms trafficking in zero-day exploits. Earlier this month at the CanSecWest information security conference, VUPEN declined to participate in the Google-sponsored Pwnium hacking competition, where security researchers were awarded up to $60,000 if they could defeat the Chrome browser’s security and then explain to Google how they did it. Instead, VUPEN—sitting feet away from Google engineers running the competition—successfully compromised Chrome, but then refused to disclose their method to Google to help fix the flaw and make the browser safer for users.

“We wouldn’t share this with Google for even $1 million,” said VUPEN founder Chaouki Bekrar. “We don’t want to give them any knowledge that can help them in fixing this exploit or other similar exploits. We want to keep this for our customers.” VUPEN, which also “pwned” Microsoft’s Internet Explorer, bragged it had an exploit for “every major browser,” as well as Microsoft Word, Adobe Reader, and the Google Android and Apple iOS operating systems.

https://www.eff.org/deeplinks/2012/03/zero-...security-debate


The Forbes article is here and will be in their April 9th issue:

http://www.forbes.com/sites/andygreenberg/...ix-figure-fees/
« Last Edit: April 02, 2012, 08:07:48 AM by gunug »
"If there really is no beer in heaven then maybe at least the
computers will work all of the time!"

Offline Xairbusdriver

  • Administrator
  • TS Addict
  • *****
  • Posts: 26388
  • 27" iMac (mid-17), Big Sur, Mac mini, Catalina
    • View Profile
    • Mid-South Weather
Security Firm keeps an eye on the bottom line!
« Reply #1 on: April 01, 2012, 03:35:53 PM »
So, who's the "Security Firm?" dntknw.gif Certainly not VUPEN. It's firmly in the 'Security Avoidance and Destruction' category.
THERE ARE TWO TYPES OF COUNTRIES
Those that use metric = #1 Measurement system
And the United States = The Banana system
CAUTION! Childhood vaccinations cause adults! :yes:

Offline krissel

  • Administrator
  • TS Addict
  • *****
  • Posts: 14736
    • View Profile
Security Firm keeps an eye on the bottom line!
« Reply #2 on: April 02, 2012, 12:13:37 AM »
QUOTE
“Vupen is the Snooki of this industry,” says Soghoian. “They seek out publicity, and they don’t even realize that they lack all class. They’re the Jersey Shore of the exploit trade.”


rolleyes.gif


A Techsurvivors founder

Offline Paddy

  • Administrator
  • TS Addict
  • *****
  • Posts: 13797
    • View Profile
    • https://www.paddyduncan.com
Security Firm keeps an eye on the bottom line!
« Reply #3 on: April 02, 2012, 03:58:41 PM »
In a lot of other contexts, this would be blackmail.

I really don't know how some of these turkeys sleep at night. dry.gif
"If computers get too powerful, we can organize them into committees. That'll do them in." ~Author unknown •iMac 5K, 27" 3.6Ghz i9 (2019) • 16" M1 MBP(2021) • 9.7" iPad Pro • iPhone 13