Microsoft: We're not Paying for Bug Bounties
Individual researchers don't want to report security flaws because Microsoft doesn't reward their efforts with money.
Last week Mozilla announced that it was raising its "bug bounty" to $3,000--that is, the company is now paying researchers three Grover Cleveland bills for digging up security flaws found in Firefox, Thunderbird, Firefox Mobile, and other Mozilla-based software. Four days later Google revealed a similar bounty, but upped the ante with a slightly larger $3,133.7 (get it?) bounty.
As for Microsoft? They're not paying a dime. "We value the researcher ecosystem, and show that in a variety of ways, but we don’t think paying a per-vuln bounty is the best way," Microsoft's Jerry Bryant said in an email. "Especially when across the researcher community the motivations aren’t always financial. It is well-known that we acknowledge researcher’s contributions in our bulletins when a researcher has coordinated the release of vulnerability details with the release of a security update."
He added that although the company doesn't provide a monetary reward on a per-bug basis, Microsoft does recognize honor and talent--traits that could land you a job at Microsoft. "We’ve had several influential folks from the researcher community join our security teams as Microsoft employees," he said. "We’ve also entered into contracts directly with many vendors and sometimes individual researchers to test our products for vulnerabilities before they’re released. Many of these vendors and individuals first came to our attention based on the high-quality and unique approaches demonstrated by the vulnerabilities they reported to the MSRC."
Apparently Microsoft isn't the only company stingy with the cash, as both Adobe and Apple do not pay for bugs discovered by outsiders. The big three typically dump their resources into the "boutique consultancies" as payment for digging up security flaws, leaving nothing for the outsiders. For this reason, many individual researchers have been encouraging peers to stop reporting vulnerabilities found on their own time.

Microsoft won't pay, simply because they would run out of money if they had to pay someone for every single bug every MS crap has...
Microsoft won't pay, simply because they would run out of money if they had to pay someone for every single bug every MS crap has...
Seriously? Windows still has a bad reputation, but its recent incarnations, especially Windows 7 are really well written and relatively bug free. Something the bug ridden predators like the snow leopards and tigers can't say...
But paying people to find bugs is actually a great idea - it can be an extra stimulant to search for them.
Heh, so basically they know that even without monetary incentives people will still report the bugs.
Tight bastards.
Microsoft won't pay, simply because they would run out of money if they had to pay someone for every single bug every MS crap has...
Incorrect. Per line, Microsoft software has some of the lowest incidences of bugs. Their software is just more critical than say, a video game, or a media player, so we feel the effects more. My Windows rarely has issues, especially since 7... in fact, I don't remember having any issues with 7. It just works. That's true of Windows now, and unless you try to do anything seriously complex or experimental, Windows is sturdy as hell.
In fact, more often than not, the hardware is the weak link.
My Windows rarely has issues, especially since 7... in fact, I don't remember having any issues with 7. It just works. That's true of Windows now, and unless you try to do anything seriously complex or experimental, Windows is sturdy as hell. In fact, more often than not, the hardware is the weak link.
Same, since release I've never had a crash or any other issue due to Win7 itself.
Every problem so far has been due to software or hardware failure.
I've never had issues with 7. Ever.
this spam is getting stupid now