[notactuallyben]

Are you suggesting that western exploit sellers are selling bugs to western governments and also BRICS? that sounds not very likely.

All of this stuff is very complicated ethically, but I don't think you can simply say that it is always in the public good to expose bugs (stuxnet is a good example of a bug chain avoiding a far deadlier outcome)..

I've personally worked for vendors of software and done offensive research, and now I do neither.

[ein0p]

GP is suggesting that not all exploit researchers are “western” or western aligned. Some of them are even nation state funded, and they’re often quite good.

[notactuallyben]

Yep, I don't think there's any disagreement with that, especially when you look at things like Tianfu cup in general. Any country that can, essentially wants to do offensive cyber.