Comment by tptacek
2 months ago
Sorry you feel that way, but I own it. You're welcome not to take me seriously. I know your background. But I think you've made some claims in this thread that are probably wrong.
2 months ago
Sorry you feel that way, but I own it. You're welcome not to take me seriously. I know your background. But I think you've made some claims in this thread that are probably wrong.
You're free to disagree, but you don't need to do it with the snarky variant "I like that story too! It's fun." that's so easily misread on the internet.
You're right that I've not been involved in the grey market for awhile. And when I did, I was on the "advising sophisticated buyers" side of it, rather than trying to sell things.
I think our biggest point of disagreement is just on the notion that you can sell bugs like the one on this thread to brokers. I think we're directionally in similar places on Google and Apple. As I said: I know who you are; I'm not writing to you as if you're a rando who thinks logout CSRFs are worth big money.
> I think our biggest point of disagreement is just on the notion that you can sell bugs like the one on this thread to brokers.
I don't think you're getting a ton of money for them.
But, it's my understanding that there are state actors who want to unmask people who are saying things they consider not-nice on social platforms and who have made it known that they will pay for things like this.
1 reply →