Dailydave mailing list archives
RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow.
From: john blumenthal <jblumen () xmission com>
Date: Thu, 09 Jun 2005 10:34:52 -0600
This is an excellent point and taken care of imho by the reputation model and ranking systems found on auction sites like eBay. -----Original Message----- From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com]On Behalf Of byte_jump Sent: Thursday, June 09, 2005 9:14 AM To: dailydave Subject: Re: [Dailydave] A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. On 6/9/05, Mike Tremoulet <coffeemike () gmail com> wrote:
Just one thought to add here: The big difference to overcome that I see is that, with a physical auction, there is a finite (usually one) number of goods on sale. Dave's painting could be auctioned because there's only one of them, and the painting goes to the highest bidder. Exploit packs, however, could be more readily copied. Why sell it to the highest bidder when you could sell it to all the bidders? That model relies on the sellers to more or less voluntarily adhere to a set of standards (Thou shalt not sell multiple copies...), which strikes me as difficult to enforce. -- Mike
Again, we're back to a supply-demand issue here. If the exploit writer decides to sell the exploit or rights to the exploit under the table, and that fact is ever found out, he's effectively removed himself from any bidders in the future. Who's going to bid on an exploit from someone who will turn around and sell it under the table to others? As an aside to this, the exploit writer can also influence the price of an exploit to some degree. In the world of art, a successful artist with a reputation for creating fabulous works of art can sell limited quantity art pieces, where he sells one, two, three, or whatever number of pieces he wants to sell. If the demand in the market is for 100 of his art pieces and he only makes and sells two, the price of those two will be quite high. If, sometime in the future, Mr. Artist decides to sell two more into the market, the original buyers, who now in effect overpaid for the original two pieces, would be quite upset and the artist's reputation in the marketplace would take a hit. His future limited-number pieces would be understood to mean "limited-number for a few weeks" and that understanding would be factored into any future prices. The market itself seems to be the best enforcement for the scenario you present. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Dave Aitel (Jun 08)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 08)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Mike Tremoulet (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Chris Kuethe (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Pete Herzog (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. byte_jump (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Mike Tremoulet (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. Chris Wysopal (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. Chris Wysopal (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. dan (Jun 10)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 08)
- Re: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. Matt Hargett (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. Thomas H. Ptacek (Jun 09)
- RE: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. john blumenthal (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist,and a buffer overflow. Blue Boar (Jun 09)
- Re: A single line drawn by Picasso, an Iraqi artist, and a buffer overflow. byte_jump (Jun 09)