tencentshill 6 hours ago

They could sell the next one to an adversary for a lot more money if they're going to act like that.

lixtra 6 hours ago | parent | next [-]

Yes, there are also many other lucrative illegal activities.

sailfast 5 hours ago | parent | next [-]

How is it illegal? It’s information available to the public.

tardedmeme 6 hours ago | parent | prev [-]

Isn't it also illegal to withhold knowledge of a vulnerability for payment? It sounds like it should fall under some variety of blackmail.

mtlynch 5 hours ago | parent [-]

That would be even worse than our already bad system.

The system is already pretty bad because vendors underinvest in security, and then to fix it, researchers have to volunteer their time to investigate with no guarantee of payment. If the vendor could force researchers to hand over findings for free, nobody would want to do security research except hobbyists having fun. They're basically signing up for hours of tedious forced labor to explain vulnerabilities to the vendor.

I wish there was legislation that allowed the government to fine vendors for security vulnerabilities like this where the amount scales based on how much user data they leaked. And it could function like other whistleblower systems where a researcher who spots a leak can report it to the government and collect 50%. That way, if the vendor says, "We're not paying you," the researcher can turn around and collect the money from fines.

tardedmeme 5 hours ago | parent [-]

Vendors routinely get researchers arrested for breaking into their computers as well.

somewhatgoated 5 hours ago | parent | prev | next [-]

Legality aside, there is no market for this really.

waffleiron 4 hours ago | parent [-]

Data breaches of average people sell for quite a bit of money, often for phishing. I find it hard to believe no one would be interested in this.

Or any other dataset with a hyper-targeted demographic.
