Researchers: Flaw auctions would improve security

Researchers: Flaw auctions would improve security
Robert Lemos, SecurityFocus 2005-12-15

The auction may have set a record price for a highlighter pen and an 8-by-11-inch sheet of paper.

Expand all | Post comment

Researchers: Flaw auctions would improve security 2005-12-16
Sean (2 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-18
Ano (1 replies)

Re: Re: Researchers: Flaw auctions would improve security 2005-12-21
Sean

Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous (1 replies)

Re: Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous

Researchers: Flaw auctions would improve security 2005-12-18
Anonymous (2 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-19
rusga

Agreed.

Bitter-taste is:

When one discovers a flaw after hours/days of research (besides years of knowledge to do that), sends it to respective sw-house/company and don't get any reward for this *world-wide comunity service* besides a slap-in-the-back like a candy to a kid.

But much worse than that, is when that flaw is not (deliberatly?) fixed for months (and sometimes years).

Now, this not only gives one a bitter-taste, but also a fear-taste and a dumb-taste. Something like: "oops talked too much?".

This definetly must end. And one way to do this is by *hard work rewarding* and public information of this transaction (and awareness of the vendors acknowledgement).

rusga

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11364/32892#32892

Re: Researchers: Flaw auctions would improve security 2005-12-19
Anonymous (1 replies)

Re: Re: Researchers: Flaw auctions would improve security 2005-12-20
Anonymous

Researchers: Flaw auctions would improve security 2005-12-20
Bill Barlowe (1 replies)

Re: Researchers: Flaw auctions would improve security 2005-12-29
Anonymous

Researchers: Flaw auctions would improve security 2005-12-21
Howard Israel