View Single Post
19 Mar 2010  

Windows 7 x64 HP, Windows 7 HP, Windows 7 Ult

I'm not sure if I applaud this effort or not. While it is a Good Thing to find flaws in the various browsers, I'm concerned by the part in the article that says:

...the contest is really a clever way of marketing TippingPoint's controversial Zero-Day Initiative (ZDI) scheme, under which researchers are paid to find exploits which are then added to the intrusion detection engines from which the company makes much of its living.

At the time of its launch in 2005, the ZDI was criticised by rival vendors and some independent voices as tantamount to encouraging people to sell exploits uncovered to the highest bidder, in this case, 3Com's TippingPoint division.TippingPoint points out that all exploits discovered through the Pwn2Own contest will be disclosed to the vendors concerned as well as being added to its own database.
What is the delay in telling vendors of the flaws? How fair is this to them?

<sigh> I guess we'll just have to live with it.
My System SpecsSystem Spec