The Inquirer-Home

Criminals pay bribes to hide vulnerabilities

Security system can be bought
Tuesday, 12 February 2008, 09:34

ORGANISED criminals are bribing security experts and hackers to keep quiet about security vulnerabilities, according to IBM's security experts ISS.

The annual "X-Force" report shows that the number of security vulnerabilities is down by 5.4 per cent this year. This is the first such drop in ten years, but Biggish Blue experts warn that the web is not much safer.

Chris Rouland, ISS's chief technology officer, said the 2007 number would have been higher if not for the fact that organised crime is paying a bounty of up to $100,000 to computer whizzes who find such threats and shut up about them.

Software vendors are also buying the vulnerability information so that they can fix the flaws without anyone noticing.

He said there was no way to tell how many security holes are going undocumented.

More here. µ


Comments
Who's it Hawking Proactive Pre-emptive Protection?

Proactive Pre-emptive Protection Plan ™

We Stop Problems Before
They Open Sauce YOU!

This act will not stand. We will find those who did it. We will smoke them out of their holes. We'll get them running and bring them to justice!

So we don't know whether Oracle's in a cave with the door shut, or a cave with the door open. We just don't know. But we know that if Oracle's determined to keep weapons of hack destruction, and determined to make more.



posted by : Karlsbad, 12 February 2008
What kinds of skills does this require?

I'm wondering what kinds of skills are needed to find these vulnerabilities. I imagine they could be used for good and bad reasons. Maybe arrange a collection of about 20 people with these skills and have them find 20-30 vulnerabilities in OSX, Windows, and Linux, and then see which company (I'm using this term loosely since I'm including Linux) solves the problems fastest.

Honestly, the way to solve the problems with the vulnerabilities is for Linux to come up with a way to make the other two lose market share. How about closed source Linux games, with all the security measures open source?

posted by : Jason Goatcher, 13 February 2008