> One person who will share those sales numbers is a South African hacker who goes by the name “the Grugq” and lives in Bangkok. For just over a year the Grugq has been supplementing his salary as a security researcher by acting as a broker for high-end exploits, connecting his hacker friends with buyers among his government contacts. He says he takes a 15% commission on sales and is on track to earn more than $1 million from the deals this year. “I refuse to deal with anything below mid-five-figures these days,” he says. In December of last year alone he earned $250,000 from his government buyers. “The end-of-year budget burnout was awesome.”
For those who figure this is a great way to monetize their security skills and actually have the chops to do it:
It should probably be pointed out that once you do this, you’re in the weapons industry. Your work will likely be used, directly or indirectly, to put a bomb through someone’s roof or put them in prison for a very long time. Make sure you’re okay with the ethics of it.
> It should probably be pointed out that once you do this, you’re in the weapons industry. Your work will likely be used, directly or indirectly, to put a bomb through someone’s roof or put them in prison for a very long time. Make sure you’re okay with the ethics of it.
By this logic, Americans should stop using cars at all, because all that oil is coming from the Middle East, Saudi Arabia.
What? This does not follow at all. You’re implying that any degree of involvement in activities that have negative consequences is equivalent. That’s incorrect!
One doesn't, I don't think; I think one sells to one of several grey-market brokers who in turn sell to DOD. But I think it's more productive to substitute "the IC" for "NSA TAO", because there are several countries (on the "sort of legitimate" side of this market) buying. All of them can pull any plausible amount of cash for a vulnerability out of their couch cushions (then again, so can small countries).
https://zerodium.com/
> One person who will share those sales numbers is a South African hacker who goes by the name “the Grugq” and lives in Bangkok. For just over a year the Grugq has been supplementing his salary as a security researcher by acting as a broker for high-end exploits, connecting his hacker friends with buyers among his government contacts. He says he takes a 15% commission on sales and is on track to earn more than $1 million from the deals this year. “I refuse to deal with anything below mid-five-figures these days,” he says. In December of last year alone he earned $250,000 from his government buyers. “The end-of-year budget burnout was awesome.”
https://www.forbes.com/sites/andygreenberg/2012/03/21/meet-t...