Unsurprisingly, I disagree. A working exploit that bypasses current mitigations has value to the vendor and defenders. Should be rewardedhttps://twitter.com/berendjanwever/status/808594443670618112 …
-
-
Sounds like for you, submitting bugs and making more money overall meets your goals. I don't see the problem?
-
The problem is Microsoft is offering a financial incentive for ppl to sit on bugs, which I don't think is a good idea.
-
only if you think you can develop an exploit and ROI makes sense. Not all bugs are good candidates, and not all targets...
-
Not sure I understand: do you agree it's a bad idea, but because it probably doesn't happen that often, don't think it's a problem?
-
I think people that can write exploits tend to find better returns on their time and skill. The extra bounty is not enough
End of conversation
New conversation -
-
-
Don't get me wrong: I'd love to write exploits for a living (if they were never used or I had control over who gets targeted).
-
come work for a MS redteam then :)
-
If they have a part-time position for someone working from home in the Netherlands, do hook me up!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.