Home page logo

bugtraq logo Bugtraq mailing list archives

Re: We're now paying up to $20,000 for web vulns in our services
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Tue, 24 Apr 2012 08:13:01 -0700

IMHO, anyone who willingly, knowingly places customer data at risk by inviting attacks on their production systems is 
playing a very dangerous game. There is no guarantee that a vuln discovered by a truly honest researcher couldn't 
become a weapon for the dishonest "researcher" through secondary discovery

I'm not sure I follow. Are you saying that the dishonest researcher
will not try to find vulnerabilities if there is no reward program for
the honest ones?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]