1. 6

  2. 5

    I gotta say, these are finally some numbers that seem comparable to the true value of these hacks. It was really quite laughable when these billion-dollar companies were giving out just a few grand for serious bugs that none of their staff engineers could spot, and which were making rather big headlines, and which would surely go for hundreds of times more on any sort of a black market, especially if you consider the knowledge and expertise required to find these bugs, and how often such knowledge could be utilised.

    Of course, this may all mean that the black market prices would have to go up now, and/or that we’d have an influx of new people learning the trade, but at least the security researchers would no longer be getting ripped off by going to the manufacturer, which is a good thing for both the researchers and the company with its users.

    I’d imagine the black market might as well dissipate, as the extra risk would probably not be worth it when you can already get a very decent payout straight from the manufacturer.