Sign in to follow this  
Followers 0
ThePitt

VeriSign Offers Hackers $8,000 Bounty on Vista, IE 7 Flaws

10 posts in this topic

VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7.

The Reston, Va., security intelligence outfit threw out the monetary reward to hackers as part of a challenge program aimed at luring researchers to its controversial pay-for-flaw VCP (Vulnerability Contributor Program).

The launch of the latest hacking challenge comes less than a month after researchers at Trend Micro discovered Vista flaws being hawked on underground sites at $50,000 a pop and illustrates the growth of the market for information on software vulnerabilities.

iDefense isn't the only brand-name player in the market. 3Com's TippingPoint runs a similar program, called Zero Day Initiative, that pays researchers who agree to give up exclusive rights to advance notification of unpublished vulnerabilities or exploit code.

The companies act as intermediaries in the disclosure process?handling the process of coordinating with the affected vendor?and use the vulnerability information to beef up protection mechanisms in their own security software, which is sold to third parties.

"Both Microsoft Internet Explorer and Microsoft Windows dominate their respective markets, and it is not surprising that the decision to update to the current release of Internet Explorer 7.0 and/or Windows Vista is fraught with uncertainty. Primary in the minds of IT security professionals is the question of vulnerabilities that may be present in these two groundbreaking products," iDefense said in a note announcing the bounty.

http://www.eweek.com/article2/0,1895,2082014,00.asp

Share this post


Link to post
Share on other sites

if only other OS's price for hacking was this high, Microsoft would quickly become the most safe OS

Share this post


Link to post
Share on other sites

:blink: what'????

not wanting to be mean or anything like that, but this one has made my week....

maash my thoughts exactly

Share this post


Link to post
Share on other sites
if only other OS's price for hacking was this high, Microsoft would quickly become the most safe OS

In your dreams sunshine

Share this post


Link to post
Share on other sites

This is so retarded lol.. crack the OS and get money.. wow gheyy

Share this post


Link to post
Share on other sites

I thought it was a great idea.. discover the flaws and get paid. Their benefit is now that can patch them.

Share this post


Link to post
Share on other sites
I thought it was a great idea.. discover the flaws and get paid. Their benefit is now that can patch them.

Can they just pay their developers and tell them to find the holes instead of this? :/

Share this post


Link to post
Share on other sites
Can they just pay their developers and tell them to find the holes instead of this? :/

Nothing would motivate someone more to hunt of bugs then $8000 ;)

Share this post


Link to post
Share on other sites
Can they just pay their developers and tell them to find the holes instead of this?

Because the best hackers are probably better programmers than MS's developers.

Share this post


Link to post
Share on other sites
Because the best hackers are probably better programmers than MS's developers.

Or the fact that with millions of lines of code, its nearly impossible to find every single one?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.