|31 Jul 2010||#1|
| || |
Google and Mozilla bug bounties don't buy much more security
Browser bugs are too prevalent and malicious hackers are too tenacious for higher monetary rewards to make a big difference
Both Mozilla and the Google are raising their rewards for submitted critical vulnerabilities in respective browsers. Mozilla is now paying $3,000 for Firefox bugs and the Google Chromium team is paying $3133.70 ("elite" in hacker leet-speak) for bugs in Chrome, compared to the initial $1,337 reward from six months ago. Ignoring Google's cheesy figure, it's a good time to ask again if paying for bugs makes the Internet any safer. I like the idea of paying bug finders for their work, but I'm doubtful it will protect users significantly in the long run. As a matter of fact, I'm pretty sure it won't.
Google's program itself is obviously successful, enriching bug reporters and helping Google better secure its browser. Google has reported 60 vulnerabilities so far this year alone: 25 from June 9 through July 6 for Chrome 5.x and 35 from January through May in Chrome 4.x. That's far more than those found in the other two major browsers: Microsoft's Internet Explorer 8 has 27 reported vulnerabilities this year and Mozilla Firefox 3.6 has 46.
Google and Mozilla bug bounties don't buy much more security | Security Central - InfoWorld
|My System Specs|
|Similar help and support threads for2: Google and Mozilla bug bounties don't buy much more security|
|X64 Version of Google Chrome and Mozilla Firefox?||Browsers & Mail|
|Mozilla Foundation Security Advisory 2012-10||Browsers & Mail|
|Mozilla halts Firefox security updates||Browsers & Mail|
|Mozilla and Google Working Together, But Not Really...||News|
|Audio Skipping With Google Chrome/Mozilla Firefox||Sound & Audio|
|Security Update for Mozilla Thunderbird||Browsers & Mail|
|Mozilla, IE, and Google Chrome||Customization|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 02:30 PM.