Risky Business #195 -- HD Moore on the new, 'legit underground'
On this week's show we're chatting with HD Moore all about a recent decision by research house VUPEN to refuse to share their research into Chrome vulnerabilities with Google.
The French group likely sells 0days to governments, militaries and intelligence agencies to use on offensive operations -- so of course sharing its exploit information wouldn't make much sense for them. But what does this mean? Will we see any bugs in the open anymore? Or will they all go underground and be sold to governments?
Yes it's old news, and we saw how many times the reverbed pwnserised got used in the news segment, for anyone who's interested in how many times Sony actually got owned check out the fine folks at datalossdb.org and attrition.org.
PLUS Security at scale, risks to bug bounties...1 day 37 min ago
So much crypto in the news these days...1 day 52 min ago
P1 Security (and Qualys) founder Philippe Langlois talks SIM key haxx...1 week 1 day ago
Dramatic fails FTW!1 week 1 day ago
New compile-time tricks, split TLB tricks and MOAR...2 weeks 7 hours ago