Reply to post: Re: It's a nice thought

Proposed PATCH Act forces US snoops to quit hoarding code exploits

WatAWorld

Re: It's a nice thought

But in reality, it doesn't matter if they do, or do not, create this new secret clearing house for zero day vulns, because any serious security researcher, or a nation-state-hacker-team (they always need more than one guy) can collect, examine, reverse engineer, and redeploy any remote hack that anyone can dream up, ever.

That would be like the invention of the time machine in Hitchhiker's Guide to the Galaxy.

If it were so trivially easy to discover all the zero day vulnerabilities, then all the zero day vulnerabilities would be discovered at once, days after the release of the program product concerned.

It generally takes either expertise or random luck plus time to find new zero day vulnerabilities.

That is why it is total BS when some security researcher with either a PhD or no job eventually finds some (specifically) zero day vulnerability and releases it to the world because "all hackers already know about it".

a. If they already knew about it then you don't deserve publicity for finding it?

b. If they already knew about it why do the exploits only follow your information release?

c. Peer reviewed journals, tech journals, and newspapers would not mention the zero day discoveries because trivial things are not newsworthy.

d. We wouldn't have internet connected computers, since nothing substantial can be programmed by humans without it having vulnerabilities.
