Insomnia (insomnia) wrote,

Security by bounty.

Microsoft, which typically protects the security of its software through obscurity (i.e. not allowing others access to its code in order to verify its security), is now putting bounties out on virus creators who exploit holes in Microsoft's security.

What isn't mentioned, however, is how small a step it could be from putting bounties out on virus creators to putting bounties (or some bounty-like equivalent) out on those who publicly release information/software that reveals Microsoft's security holes or bypasses the way Microsoft intends their security/software to work in general. This is especially problematic, because Microsoft has an ever-increasing amount of legal remedies they can resort to in order to target these individuals.

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment