lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <03e501c3a3bb$ea1a2660$c71121c2@exchange.sharpuk.co.uk> From: DaveHowe at cmn.sharp-uk.co.uk (Dave Howe) Subject: M$ puts bounty out for Blaster and Sobig culprits > Maybe M$ should put out a bounty for reporting bugs in their > crappy software without going public instead. That might be > more effective. Either have to a) Pay *everyone* who reported the same bug (leading to a nice little money tree where a group of people individually report the same thing) b) live with the fact that the first finder would take the money, the second finder would be pissed at them for not paying and publish immediately...