Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Secunia jumps on vuln reward bandwagon
From: adam <adam () papsy net>
Date: Thu, 3 Nov 2011 17:28:35 -0500

"The rewards on offer will range from top-of-the range merchandise to
two major annual rewards such as free hotel accommodation and entry to
an IT security conference chosen from a list of the most popular
global security conferences"

I'm especially curious to see exactly what the merchandise is. Can you
imagine if it was coffee mugs or tshirts with Secunia's logo? "To show you
our appreciation, we're going to *let you* advertise for us!"

I think the terms of the "hotel accommodation" will also prove to be
interesting.

On Thu, Nov 3, 2011 at 1:18 PM, xD 0x41 <secn3t () gmail com> wrote:

Their 'rewards' do not seem to justify the vulnerability/exploit research
time.

This is what ive been saying for uh, 3months now... but, do they ever?
And also, is it better to have even one more payer, than have nothing
atall... or sell to blackhat sites only ?
i guess this is atleast an alternative and, maybe even a good learning
tool for some...
learn to never trust a person when they say "you will get great money'.
;)


On 4 November 2011 05:14, Ryan Dewhurst <ryandewhurst () gmail com> wrote:
Their 'rewards' do not seem to justify the vulnerability/exploit
research time.

"The rewards on offer will range from top-of-the range merchandise to
two major annual rewards such as free hotel accommodation and entry to
an IT security conference chosen from a list of the most popular
global security conferences.  The latter rewards will be given for the
first time in January 2012.  One reward will be given to the
researcher who coordinates the most interesting vulnerability as
judged by Secunia in the form of a prize under the Most Interesting
Coordination Report category.  Criteria will include complexity,
impact, level and level of detail.  The other will be given to the
researcher who has been consistently coordinating correct, clearly
detailed vulnerability reports that are quick and easy to confirm as
judged by Secunia.  The researcher will be given the title, ‘Most
Valued Contributor’ by Secunia.  Other rewards will be continuously
given to researchers coordinating their discoveries through Secunia
based on their individual performance."

http://secunia.com/company/blog_news/news/271

Ryan Dewhurst

blog www.ethicalhack3r.co.uk
twitter www.twitter.com/ethicalhack3r
projects www.dvwa.co.uk | www.webwordcount.com |
code.google.com/p/wpscan

On Thu, Nov 3, 2011 at 5:57 PM, Georgi Guninski <guninski () guninski com>
wrote:
On Thu, Nov 03, 2011 at 05:46:15PM +0100, Michele Orru wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It seems that even XSS, XSRF and SQLi are accepted...
Interesting.

Cheers
antisnatchor

Georgi Guninski wrote:

http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/
Secunia jumps on vuln reward bandwagon

have in mind the list is "Hosted and sponsored by Secunia"


What about alternatives?

How much the hosting will cost?

I remember how aleph1 sold bugtraq (including the paid posters)
and i don't feel like contributing to bugtraq ver. 2.

--
j

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]