Security researchers who find holes in software can now sell their findings to the highest bidder.
An online auction house has been created to bring together those who find the loopholes with the companies that can do something about them.
It aims to close the gap between the small number of bugs investigated and the huge number thought to exist.
By rewarding researchers, the auction house aims to prevent flaws getting in to the hands of hi-tech criminals.
In early 2006 anti-virus firm Kaspersky Labs revealed that Russian hackers had been selling the Windows WMF vulnerability for $4000 (£2,000).
The loophole was offered for sale weeks before it was widely known about and long before Microsoft moved to close it.
The independent auction house, called WabiSabiLabi, aims to staunch the flow of vulnerabilities to the underground by giving security researchers a legitimate marketplace for what they find.
"Our intention is that the marketplace facility on WSLabi will enable security researchers to get a fair price for their findings and ensure that they will no longer be forced to give them away for free or sell them to cyber-criminals," said Herman Zampariolo, head of the auction site.
He added that it could tempt many researchers to report findings they would otherwise keep quiet about. In this way it hopes to ensure many more vulnerabilities get reported.
"Very few of them are able or willing to report it to the 'right' people due to the fear of being exploited," said Mr Zampariolo.
Once a vulnerability is reported, WSLabi will confirm it is real and that it can be exploited. After this it will be placed on the auction site where it can be sold to the highest bidder or sold to just one firm.
WSLabi said it would ensure that all those who buy the vulnerabilities were legitimate.
The first vulnerabilities posted to WSLabi are selling for between 500 (£340) and 2000 (£1,350) euros.
Many other companies, such as iDefense and Tipping Point, run schemes that give cash rewards to security researchers who find serious loopholes in widely used software.
The Mozilla Foundation, which oversees development of the Firefox browser amongst other things, gives a t-shirt and a $500 (£250) bug bounty to anyone finding a critical vulnerability in its software.
-
Who was St Stephen and why is he remembered on December 26?
-
The King's Christmas speech: which Gospel?
-
Gay Archbishop of Wales says some people have left Church over her appointment
-
2 Timothy 3:16 is Logos' Bible verse of the year, Matthew was the most studied book
-
Two hundred years of the Brethren: who are they and what do they believe?
-
US carries out strikes on Islamic State in Nigeria over violence against Christians
Most Popular
News
The story of New Year’s resolutions
1 January is when people traditionally start the new year with a fresh resolution. This is the story …
Young people more grateful to God, study finds
A new survey has suggested that 18 to 34 year olds are more likely to believe in God and have transcendental experiences.
Nigerian government accused of being in denial about persecution of Christians
How can thousands of slain Christians not be persecution?
Turkey arrested 115 suspected ISIS members, thwarting Christmas and New Year plots against non-Muslims
Turkey has been relatively successful in preventing attacks since 2017.