Risky Business #195 -- HD Moore on the new, 'legit underground'

Most weaponised exploits now sold to governments, HD Moore says...
26 May 2011 » Risky Business

On this week's show we're chatting with HD Moore all about a recent decision by research house VUPEN to refuse to share their research into Chrome vulnerabilities with Google.

The French group likely sells 0days to governments, militaries and intelligence agencies to use on offensive operations -- so of course sharing its exploit information wouldn't make much sense for them. But what does this mean? Will we see any bugs in the open anymore? Or will they all go underground and be sold to governments?

This week's edition of the show is brought to you by NetWitness. Eddie Shwartz will be along after this week's feature interview to discuss the role of vendor marketing in making our situation worse. It's the job of marketing and salespeople to dazzle executives with bulldust -- but is it driving enterprise security investment in the best direction? Find out in this week's sponsor interview with Eddie Shwartz.

Adam Boileau stops by for a look at the week's news.