Comment by tptacek
2 months ago
I think our biggest point of disagreement is just on the notion that you can sell bugs like the one on this thread to brokers. I think we're directionally in similar places on Google and Apple. As I said: I know who you are; I'm not writing to you as if you're a rando who thinks logout CSRFs are worth big money.
> I think our biggest point of disagreement is just on the notion that you can sell bugs like the one on this thread to brokers.
I don't think you're getting a ton of money for them.
But, it's my understanding that there are state actors who want to unmask people who are saying things they consider not-nice on social platforms and who have made it known that they will pay for things like this.
It's fine that we disagree. I don't think there's a real market for this. I think you can plan a heist with anybody, though, if that's a road you want to go down.