Who am I to disagree : I think the lack of quality only partially has to be accounted to the prices being paid for 0day, 0day in terms of bugs are rarely being presented at conferences. I think the security market has become crowded and noisy, press is jumping more and more on it security over the last 5 years and have not been helping to increase quality but sensationalism. See DNS bug vs. SNMPv3 bug. I also think that time is increasingly getting spare to prepare for such conferences (this implies research) for every researcher there are 5+n consultants. Anyways that's the reason I have not been at BH or Defcon this year - last year really sucked.
PS. The 100k price tag for an SSH 0day is too low by the way.
When Your Smart ID Card Reader Comes With Malware
-
Millions of U.S. government employees and contractors have been issued a
secure smart ID card that enables physical access to buildings and
controlled spac...
8 hours ago
0 comments
Post a Comment