[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape rewards are an insult


In article <[email protected]>,
Dr. Frederick B. Cohen <[email protected]> wrote:
> 	The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offerring
> a tee shirt is down right offensive.

But (amusingly enough) they can get free testing services from this
aspiring student for free just by providing source code.  Hey, it's fun! :-)
I'm no expert, but you get what you pay for. <grin>

[Psst: anyone wanna offer source code to the security modules?]

I do think their ``bug bounty'' system is an improvement -- at least
they're showing some concern for security, and beginning to admit
that outside review of security-critical code is...well...critical.

Still, I do agree that they really oughta be employing true experts
to carefully evaluate their system, if they wanna claim anything about
its security.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

Version: 2.6.2
Comment: Gratis auto-signing service