Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Proposed: a Bounty for Bugs
Mark Rasch, 2003-11-10

Instead of paying hard cash to punish computer criminals, vendors should reward grey hat hackers for responsibly finding and reporting the security holes that make cyber attacks possible.

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Proposed: a Bounty for Bugs: A Notoriously Bad Idea (NOT) 2003-11-13
Raindeer
Michael, you're worried what might happen if somebody values the worth of not disclosing a vulnerability higher than the reward for disclosing it to the vendor. You see this as the major flaw in the scheme.

Explain to me please how this is different from the current situation where you get nothin...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus