[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Security discussion: Summary of proposals and criteria (was Re: Security vulnerability process, and CVE-2012-0217)

On 09/07/2012 14:25, "Joanna Rutkowska" <joanna@xxxxxxxxxxxxxxxxxxxxxx>

>> If you're into security industry (going to conferences, etc) you
>> certainly know the right people who would be delight to buy exploits
>> from you, believe me ;) Probably most Xen developers don't fit into this
>> crowd, true, but then again, do you think it would be so hard for an
>> interested organization to approach one of the Xen developers on the
>> pre-disclousure list? How many would resist if they had a chance to cash
>> in some 7-figure number for this (I read in the press that hot
>> bugs/exploits sell for this amount actually)?
> (Correction: I meant a 6-figure number)

Thought I was in the wrong end of the business there for a while. ;)

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.