Proposed: a Bounty for Bugs

Proposed: a Bounty for Bugs
Mark Rasch, 2003-11-10

Instead of paying hard cash to punish computer criminals, vendors should reward grey hat hackers for responsibly finding and reporting the security holes that make cyber attacks possible.

Expand all | Post comment

Proposed: a Bounty for Bugs 2003-11-10
researcher

Proposed: a Bounty for Bugs 2003-11-11
Anonymous (1 replies)

Proposed: a Bounty for Bugs 2003-11-13
Mark Rasch

Proposed: a Bounty for Bugs 2003-11-11
Psuedo-Anonymous Coward (1 replies)

Proposed: a Bounty for Bugs 2003-11-19
Anonymous

Proposed: a Bounty for Bugs 2003-11-11
Anonymous (1 replies)

Proposed: a Bounty for Bugs 2003-11-13
Anonymous

white,black,gray or combinations...it doesn't matter, does it? companies only need to know the bug, not who found it.of course they would prefer that their employees make such discoveries, or even better program securely and not introduce those kind of problems, but that's their hiring policy problem.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/197/23672#23672

Proposed: a Bounty for Bugs 2003-11-11
agent1

Proposed: a Bounty for Bugs 2003-11-11
Ragnarok

Proposed: a Bounty for Bugs 2003-11-11
Theuns

Proposed: a Bounty for Bugs 2003-11-11
frustrated security dweeb

Proposed: a Bounty for Bugs 2003-11-12
Bob Weiss - Passsword Crackers, Inc.

Proposed: a Bounty for Bugs 2003-11-12
Lockdown

Proposed: a Bounty for Bugs 2003-11-12
Anonymous

Proposed: a Bounty for Bugs: A Notoriously Bad Idea 2003-11-12
Michael Sierchio (1 replies)

Proposed: a Bounty for Bugs: A Notoriously Bad Idea (NOT) 2003-11-13
Raindeer (1 replies)

Proposed: Pay for non-disclosure 2003-11-17
Anonymous

Proposed: a Bounty for Bugs 2003-11-13
Anonymous

Proposed: a Bounty for Bugs 2003-11-13
Sunil James - Director, iDEFENSE