Comment by tptacek

1 day ago

I don't think it matters one way or the other to your thesis but I'm skeptical that state-level CNE organizations were hoarding vulnerabilities before; my understanding is that at least on the NATO side of the board they were all basically carefully managing an enablement pipeline that would have put them N deep into reliable exploit packages, for some surprisingly small N. There are a bunch of little reasons why the economics of hoarding aren't all that great.

4 comments

tptacek

stephc_int13 1 day ago

The economics would be different in say, North Korea, don't you think?

tptacek 1 day ago
Why? What do you mean?
- postsantum 1 day ago
  
  He really believes that exploits come out of North Korea (as per Daily Post reporting), not from other countries
- kortilla 1 day ago
  
  North Korea uses a lot more them specifically to generate revenue.