Online auction house WabiSabiLabi has been created in order to prevent flaws getting in to the hands of hi-tech criminals by rewarding researchers that find them. There is known to be a ready market for vulnerabilities on the digital underground. Many criminal groups prefer to use vulnerabilities for their own ends to steal information or hijack computers rather than have any malicious hacker using them. The independent auction house aims to staunch the flow of vulnerabilities to the underground by giving security researchers a legitimate marketplace for what they find.
Herman Zampariolo, head of WabiSabiLabi added that it could tempt many researchers to report findings they would otherwise keep quiet about, meaning many more vulnerabilities get reported. Once a vulnerability is reported, WSLabi will confirm it is real and that it can be exploited. After this it will be placed on the auction site where it can be sold to the highest bidder or sold to just one firm. WSLabi said it would ensure that all those who buy the vulnerabilities were legitimate.
News source: BBC News