Tuesday, August 12, 2008

WabiSabiLabi - Hacks for Sale?

A year or so back a site called WabiSabiLabi generated a lot of press and buzz when it announced that it would auction potentially zero-day vulnerabilities on an "open market" much like eBay. That being said there was some interesting press a little later where one of the co-founders [Roberto Preatoni] was arrested for some alleged spying on a Brazilian CEO.

Lots of press, lots of buzz... then they flat-lined. Today, if you google "WabiSabiLabi" you get results that mostly date to 2007, and then you find many write-ups about this gem... a hardware-based UTM platform.

I challenge you to find something relevant from those WabiSabiLabi folks, within the last few months... anything. I am probably among the majority when I say that an online marketplace for supposed 0-day vulnerabilities is a bad idea, as a concept. Obviously it's not flourishing quite as well as they had hoped, judging by the screen shot here - so what happened? Is there simply not a market for 0Day vulns?


I honestly don't know the answer to that question, but I suspect it lies somewhere between ethics and finances. Some have a hard time ethically with this idea, while others just don't feel like paying for vulnerability disclosure... at least publicly. Whatever the reason, it looks like this was an endeavor that never had any wind in their sails... too bad, so sad.

1 comment:

Nathan McFeters said...

Whoa, Raf, your new blog colors nearly gave me a seizure!

-Nate

Google+