Unsurprisingly, I disagree. A working exploit that bypasses current mitigations has value to the vendor and defenders. Should be rewardedhttps://twitter.com/berendjanwever/status/808594443670618112 …
-
-
Replying to @markwo
@berendjanwever also worth noting that people have different motivations. If only $$, then black market will always pay better.1 reply 0 retweets 0 likes -
Replying to @markwo @berendjanwever
If it's improving the security of software people are using, then exploitation and higher rewards should not deter you
1 reply 0 retweets 0 likes -
Replying to @markwo
1) I'm not saying don't reward sploits, I'm saying don't bundle sploit rewards to bug bounties.
1 reply 0 retweets 0 likes -
Replying to @berendjanwever @markwo
2) The world is not just blackhats and philanthropists. I want to improve security, have a clean conscience and get maximum $$
1 reply 0 retweets 2 likes -
Replying to @berendjanwever @markwo
3) I do this for a living, so a month spent writing an exploit is a month spent not finding more bugs. And 1 exploit $ < more bugs $
2 replies 0 retweets 2 likes -
Replying to @berendjanwever @markwo
Don't get me wrong: I'd love to write exploits for a living (if they were never used or I had control over who gets targeted).
1 reply 0 retweets 0 likes -
If they have a part-time position for someone working from home in the Netherlands, do hook me up!
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.