Hacker News new | past | comments | ask | show | jobs | submit login

That gives you the worst of both worlds, though. You get the major developmental downside of a backdoor - making sure no one in the development pipeline finds and removes it - while still having to do the non-trivial work of actually exploiting the bug. Admittedly I don't have real experience with the 0-day black market, but the internet tells me I can just show up with $200k and buy a Chrome/Windows/iOS 0-day, if I know the right people. I find it hard to believe its actually cheaper or even easier to backdoor software than it is to just buy the exploits.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: