Symantec's SecurityFocus buyout met with pessimism
There's been considerable discussion this weekend of the recent sale of SecurityFocus to mega-corporation Symantec for a sweet $75 million. At issue in particular is SF's BugTraq mailing list, which has for years been the most popular full-disclosure vulnerability list going.
The deal has generated further controversy because SF has sold something quite valuable which it received free of charge, namely the exploits submitted by list members. These are valuable for developing scanning software like Snort, Nessus, and the like. And naturally, when this much cash changes hands, people may get envious. They may also feel they're owed something for the free contributions they've voluntarily made.
[ Read more ]