Who am I to disagree : I think the lack of quality only partially has to be accounted to the prices being paid for 0day, 0day in terms of bugs are rarely being presented at conferences. I think the security market has become crowded and noisy, press is jumping more and more on it security over the last 5 years and have not been helping to increase quality but sensationalism. See DNS bug vs. SNMPv3 bug. I also think that time is increasingly getting spare to prepare for such conferences (this implies research) for every researcher there are 5+n consultants. Anyways that's the reason I have not been at BH or Defcon this year - last year really sucked.
PS. The 100k price tag for an SSH 0day is too low by the way.
Weekly Update 174
-
We're in Norway! More specifically, Scott Helme and I are in Hafjell and
recording this after a day on the snow before heading back to Oslo and the NDC
S...
1 day ago
0 comments
Post a Comment