Mastodon Feed: Post

The US government is holding (hodling?) billions of dollars in seized cryptocurrency assets, and most of these funds just sit there forever. But imagine the impact and disruption to cybercrime organizations that could occur if the government was forced to spend just a tiny fraction of their seized currency to fund straight up security research? Or maybe just provide a stipend to people who spend half their lives maintaining important open-source code libraries, or tracking emerging threats in new and useful ways.

I've been thinking a lot about this because I keep talking to researchers who are doing amazing, important work but having to spend increasing amounts of their precious time trying to attract investors, or just keep the lights on. The irony of this is that invariably what happens when they do get investors is the investors say no you can't do that anymore because it makes our lawyers squeamish. So in many ways, I see a market failure here.

If we are serious about making a bigger dent in cybercrime overall and in going after bigger fish, we need to find ways to make sure that these people can focus on their work.