Jump to content



Photo

VeriSign Offers Hackers $8,000 Bounty on Vista, IE 7 Flaws


  • Please log in to reply
9 replies to this topic

#1 ThePitt

ThePitt

    Neowinian Senior

  • 4,808 posts
  • Joined: 14-January 06
  • Location: Hell

Posted 10 January 2007 - 23:54

VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7.

The Reston, Va., security intelligence outfit threw out the monetary reward to hackers as part of a challenge program aimed at luring researchers to its controversial pay-for-flaw VCP (Vulnerability Contributor Program).

The launch of the latest hacking challenge comes less than a month after researchers at Trend Micro discovered Vista flaws being hawked on underground sites at $50,000 a pop and illustrates the growth of the market for information on software vulnerabilities.

iDefense isn't the only brand-name player in the market. 3Com's TippingPoint runs a similar program, called Zero Day Initiative, that pays researchers who agree to give up exclusive rights to advance notification of unpublished vulnerabilities or exploit code.

The companies act as intermediaries in the disclosure process—handling the process of coordinating with the affected vendor—and use the vulnerability information to beef up protection mechanisms in their own security software, which is sold to third parties.

"Both Microsoft Internet Explorer and Microsoft Windows dominate their respective markets, and it is not surprising that the decision to update to the current release of Internet Explorer 7.0 and/or Windows Vista is fraught with uncertainty. Primary in the minds of IT security professionals is the question of vulnerabilities that may be present in these two groundbreaking products," iDefense said in a note announcing the bounty.


http://www.eweek.com...,2082014,00.asp


#2 maash

maash

    Neowinian Senior

  • 2,060 posts
  • Joined: 09-September 06

Posted 11 January 2007 - 00:06

if only other OS's price for hacking was this high, Microsoft would quickly become the most safe OS

#3 paxa

paxa

    Neowinian

  • 761 posts
  • Joined: 04-June 04
  • Location: so far away....nearly in the end of the world

Posted 11 January 2007 - 00:30

:blink: what'????
not wanting to be mean or anything like that, but this one has made my week....
maash my thoughts exactly

#4 revvo

revvo

    the most interesting man in the world

  • 7,343 posts
  • Joined: 07-March 04
  • Location: Montreal, Canada

Posted 11 January 2007 - 00:34

if only other OS's price for hacking was this high, Microsoft would quickly become the most safe OS

In your dreams sunshine

#5 .Ark

.Ark

    Neowinian Senior

  • 2,065 posts
  • Joined: 04-February 05
  • Location: Buckeye Nation

Posted 11 January 2007 - 02:13

This is so retarded lol.. crack the OS and get money.. wow gheyy

#6 +vlsi0n

vlsi0n

    Never interrupt your enemy when he is making a mistake.

  • 2,317 posts
  • Joined: 03-June 05
  • OS: Win8

Posted 11 January 2007 - 03:23

I thought it was a great idea.. discover the flaws and get paid. Their benefit is now that can patch them.

#7 .Ark

.Ark

    Neowinian Senior

  • 2,065 posts
  • Joined: 04-February 05
  • Location: Buckeye Nation

Posted 11 January 2007 - 03:39

I thought it was a great idea.. discover the flaws and get paid. Their benefit is now that can patch them.


Can they just pay their developers and tell them to find the holes instead of this? :/

Edited by .Ark, 11 January 2007 - 03:40.


#8 HoochieMamma

HoochieMamma

    Professional Hoochie™

  • 8,810 posts
  • Joined: 31-August 03
  • Location: Melbourne, AU
  • OS: Windows 7
  • Phone: Nexus 5

Posted 11 January 2007 - 03:45

Can they just pay their developers and tell them to find the holes instead of this? :/



Nothing would motivate someone more to hunt of bugs then $8000 ;)

Edited by HoochieMamma, 11 January 2007 - 03:45.


#9 S7un7

S7un7

    Neowinian

  • 1,111 posts
  • Joined: 07-October 04
  • Location: PA

Posted 11 January 2007 - 04:05

Can they just pay their developers and tell them to find the holes instead of this?


Because the best hackers are probably better programmers than MS's developers.

#10 vetL3thal

L3thal

    Honor, Duty, Fidelity

  • 19,062 posts
  • Joined: 30-May 04
  • Location: New Jersey

Posted 11 January 2007 - 06:48

Because the best hackers are probably better programmers than MS's developers.

Or the fact that with millions of lines of code, its nearly impossible to find every single one?