VeriSign Puts Flaw Bounty on Vista and IE7 91
rchris1172 writes "VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. As part of its its controversial pay-for-flaw VCP (Vulnerability Contributor Program), iDefense said it will pay the reward for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of the two Microsoft products. In addition to the $8,000 award for the flaw, iDefense will pay between $2,000 and $4,000 for working exploit code that exploits the submitted vulnerability."
Economics 101 or Why I Love Bounties (Score:4, Funny)
2. Get friend to go work at MSFT.
.
4. PROFIT!
Moar money (Score:5, Funny)
The company spokesman also added they'll double the bounty if the submitter already used the exploit to build a botnet and triple it if promises to use it to send a metric assload of e-mails with the subject "ha-ha" to everyone@microsoft.com.
NOT the best business move! (Score:5, Funny)
Paying $8000 for each exploitable security flaw in Microsoft products is a quick way to put a company into bankruptcy! I noticed that the bounty only applies to the first six submissions, though, so VeriSign is only out $48000.
Who else here thinks that VeriSign will then turn around and sell the winning entries to the black market for $50000 each? hehe
The law on unintended consequences (Score:5, Funny)
Dilbert: Yahoo!
Alice: We're rich
Wally: Yes!!! Yes!!! Yes!!!
Pointy Haired Boss: I hope this drives the right behavior.
Wally: I'm gonna write me a new minivan this afternoon!
http://www.ourlocalstyle.com/images/uploadImages/
Re:Economics 101 or Why I Love Bounties (Score:2, Funny)
This would probably work until QA at Microsoft tracked down the singular source of most of the exploited vulnerabilities in the past few months.
Considering the number and regularity of vulnerabilities in Microsoft software recently, I wouldn't be surprised if one of their employees was already doing this, but selling them on the more lucrative black market instead.
Re:Not going to work (Score:3, Funny)
You have just won a new Boat!
Please come down to the stadium to pick it up.
Regards
Det. Sgt. Smith
Re:Economics 101 or Why I Love Bounties (Score:3, Funny)
3. ???
Darn. Guess you get the US $8000 bounty. Now, let's see, that's about 2 Euros, right?
So Now I Can Legally Attempt To Compromise M$ ?? (Score:3, Funny)
Hax0r1ng is getting better all the time!
And they said we were just a bunch of internet hooligans.
muahahhaha
Re:Wonder what they're really worth? (Score:5, Funny)
In other news... (Score:2, Funny)
...both Apple and Cisco are suing VeriSign for the use of iDefense in the name of their labs. Apple claims that it dilutes their brand identity, and Cisco claims that they've been selling "defense" hardware with the "i" trademark for years!
right, not all are Russian mafia (Score:3, Funny)
Re:Economics 101 or Why I Love Bounties (Score:5, Funny)
O
/|\ <--- you
|
/ \