That's not the argument, nobody is shedding tears for child abusers getting popped by the feds. The problem is you can't stop other people from abusing the same vulnerability, so you're putting innocent people in harm's way.
-
-
So if you're someone who wants to work in vuln research, and you don't get one of the few dozen jobs doing it for a company that reports the bugs immediately, what do you do? Bug bounties are getting better, but they don't pay the same.
-
I disagree, you just have to optimize your work differently. Prefer volume over quality, not wasting time improving reliability when you could be finding more bugs, and so on. If it will take you a month to turn a bug into an exploit, calculate if the reward justifies that, etc.
- 18 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
