Is Paying Hackers Good for Business? 94
Jenny writes "In the light of the recent QuickTime vulnerability, revealed for $10,000 spot cash, the UK IT Security Journalist of the Year asks why business treats security research like a big money TV game show. 'There can be no doubt that any kind of public vulnerability research effort will have the opportunity to turn sour, both for the company promoting it and the users of whatever software or service finds itself exposed to attack without any chance to defend itself. Throw a financial reward into the mix and the lure of the hunt, the scent of blood, is going to be too much for all but the most responsible of hackers. There really is no incentive to report their findings to the vulnerable company, and plenty not to. Which is why, especially in the IT security business, there needs to be a code of conduct with regard to responsible disclosure.' Do you think there's any truth to this? Or is it a better idea to find the vulnerabilities as fast as possible, damn the consequences?"
I wish... (Score:4, Funny)
Re:Bounty Hunters (Score:1, Funny)
Nothing. Both Cops and Dog the bounty hunter get cool TV shows. Clearly that is the solution.
Re:Stunning (Score:4, Funny)
Wait, you mean there are stories/authors who don't get lambasted on slashdot?
I thought we pretty much did our best to rip every story to shreds?