When it becomes legally compulsory to report all vulnerabilities to the vendor immediately, what do you think will happen to bug bounties?
-
-
@BRIAN_____ That's an interesting idea but I fear vendors will call it extortion. But they called bounties extortion at one point too :). -
@dinodaizovi Yep. Lots of people have called it extortion already. I don't think it is, but it has been an uphill battle to explain it. -
@BRIAN_____@dinodaizovi Who decides what the maximum "rent" is? -
@cryptorobert@dinodaizovi The researcher. But, I want an Association of Hacking Professionals (Like doctors have AMA) set guidelines.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.