Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
- Date: Tue, 24 Apr 2012 08:13:01 -0700
IMHO, anyone who willingly, knowingly places customer data at risk by inviting attacks on their production systems is playing a very dangerous game. There is no guarantee that a vuln discovered by a truly honest researcher couldn't become a weapon for the dishonest "researcher" through secondary discovery
I'm not sure I follow. Are you saying that the dishonest researcher
will not try to find vulnerabilities if there is no reward program for
the honest ones?
/mz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- From: Ramon de C Valle
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- From: Charles Morris
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- References:
- [Full-disclosure] FYI: We're now paying up to $20, 000 for web vulns in our services
- From: Michal Zalewski
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- From: Jim Harrison
- [Full-disclosure] FYI: We're now paying up to $20, 000 for web vulns in our services
- Prev by Date: Re: [Full-disclosure] Vulnerability in Backtrack
- Next by Date: [Full-disclosure] Vulnerability in Gentoo hardened
- Previous by thread: Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- Next by thread: Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
- Index(es):
