topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Sunday December 15, 2024, 11:20 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

« previous next »
Pages: [1] • bottom

Author Topic: Bug Bounty From MS  (Read 5301 times)

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Bug Bounty From MS
« on: June 19, 2013, 07:42 PM »

Microsoft unleashes bug bounty program — for betas, too

The software giant's bug bounty program will aim to fix security flaws, bugs, and vulnerabilities even before products are released.

http://www.zdnet.com...betas-too-7000016956

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #1 on: June 19, 2013, 08:00 PM »
Do we send the bugg reports to MS or the NSA?

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #2 on: June 20, 2013, 07:43 PM »
Do we send the bugg reports to MS or the NSA?
-Stoic Joker (June 19, 2013, 08:00 PM)

  Don't matter who you send it to, the NSA will get a copy BEFORE the intended recipient does....

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #3 on: June 22, 2013, 08:37 PM »

  Well here's the "Gotcha" from MS.  Now whodathunkit?

Microsoft's $100,000 bug bounty: Read the fine print
06.22.2013 10:30 AM
Microsoft is offering up to $100,000 for vulnerabilities found in Windows 8.1 that are paired with exploits, but it's pretty much up to Microsoft to decide who gets paid how much based on a set of subjective criteria.

http://www.pcworld.c...-the-fine-print.html

Fred Nerd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 278
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #4 on: June 24, 2013, 06:13 AM »
So basically they want you to keep all the bugs you find a secret so that you can be the only person claiming the bounty. This way no-one will put all the bugs up on the net to be laughed at.

Smooth move.

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #5 on: June 24, 2013, 02:29 PM »
So basically they want you to keep all the bugs you find a secret so that you can be the only person claiming the bounty. This way no-one will put all the bugs up on the net to be laughed at.

Smooth move.
-Fred Nerd (June 24, 2013, 06:13 AM)

  But the biggest issue is MS gets to decide how much the bug report is worth based on their "Subjective Criteria".  Of course to save themselves a lot of money, all they have to say is "Oh, this bug isn't that big of a deal or important enough to give you very much money....

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #6 on: June 24, 2013, 03:59 PM »
If somebody dug up three bugs looking to get paid for them, and MS didn't have a decent going rate type price for the first one... I bet the other two would get offered to somebody else first.

Just sayin'... ;)

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Bug Bounty From MS
« Reply #7 on: June 24, 2013, 07:18 PM »
If somebody dug up three bugs looking to get paid for them, and MS didn't have a decent going rate type price for the first one... I bet the other two would get offered to somebody else first.

Just sayin'... ;)
-Stoic Joker (June 24, 2013, 03:59 PM)

  I hear the Russian Mafia pays big bucks for bugs, especially for ones that allow back doors and such....   :P
Pages: [1] • top
« previous next »