Wed, Jul 17, 2013 - Page 9 News List

Bugs are big business for computer hackers

Programmers want to eliminate bugs in their work, but when hackers find them they can make money by either reporting them or selling them

By Nicole Perlroth and David Sanger  /  NY Times News Service

Because the bug did not work with a particular flavor of Linux, Miller eventually sold it for US$50,000. The take-away for him and his fellow hackers was clear: There was serious money to be made selling the flaws.

At their conventions, hackers started flashing signs that read, “No more free bugs.”

Hackers like Auriemma, who once gave away their bugs to software vendors and antivirus makers, now sound like union organizers declaring their rights.

“Providing professional work for free to a vendor is unethical,” Auriemma said. “Providing professional work almost for free to security companies that make their business with your research is even more unethical.”

Experts say there is limited incentive to regulate a market in which government agencies are some of the biggest participants.

“If you try to limit who you do business with, there’s the possibility you will get shut out,” Schmidt said. “If someone comes to you with a bug that could affect millions of devices and says, ‘You would be the only one to have this if you pay my fee,’ there will always be someone inclined to pay it.”

“Unfortunately,” he said, “dancing with the devil in cyberspace has been pretty common.”

This story has been viewed 2265 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top