[dundee] Slashdot | Last year's CanSecWest Winner Repeats on Vista, Ubuntu Wins

Rick Moynihan rick.moynihan at gmail.com
Sun Mar 30 16:25:27 BST 2008


On 30/03/2008, Arron M Finnon <afinnon at googlemail.com> wrote:
> I think in some case your right with the increase in XSS hacking, being
>  predominately on applications.  Such as the open office macro worm of
>  last year being totally crossed platform.  I can't remember the name of
>  the site but there is an auction site where you can sell your 0days, to
>  the highest bidder.  I imagine that IE exploits are worth more than
>  GNUmp3d exploits.

I'm inclined to agree.  But I vaguely remember an article where they
said that rooted Linux boxes sell for more than rooted Windows
machines.  Unfortunately I can't find the URL.  Can anyone find it?
Whether this is merely supply/demand or because Linux is a better
platform is another matter :-)

When it comes to selling exploits though, it makes sense that exploits
with the most potential for deployment, e.g. root exploits on IE, sell
for more.

Malware economics...  Fascinating.

R.



More information about the dundee mailing list