Unsurprisingly, I disagree. A working exploit that bypasses current mitigations has value to the vendor and defenders. Should be rewardedhttps://twitter.com/berendjanwever/status/808594443670618112 …
The problem is Microsoft is offering a financial incentive for ppl to sit on bugs, which I don't think is a good idea.
-
-
only if you think you can develop an exploit and ROI makes sense. Not all bugs are good candidates, and not all targets...
-
Not sure I understand: do you agree it's a bad idea, but because it probably doesn't happen that often, don't think it's a problem?
-
I think people that can write exploits tend to find better returns on their time and skill. The extra bounty is not enough
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.