User: Password:
|
|
Subscribe / Log in / New account

Vulnerability disclosure policies - lost and found

Vulnerability disclosure policies - lost and found

Posted Jul 13, 2010 14:20 UTC (Tue) by giraffedata (subscriber, #1954)
In reply to: Vulnerability disclosure policies - lost and found by mpr22
Parent article: Vulnerability disclosure policies

If we consider it a person's obligation to disclose a bug for free once he finds it, how much incentive does he have to look for bugs?
He gets to feel smarter than the author of the buggy code.

That's a good incentive for hobby-level bug investigation, but not enough to give up one's day job or hire a staff or give someone a research grant. I don't know much about the project in question here, but I have the impression that many of these bug hunters put more than recreational level effort into it.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds