Microsoft's Brilliant Idea: A Bug Bounty Program!

    What a good idea from Microsoft. A system to encourage the reporting of bugs to improve its software.

    #2
    Great idea, but the dollar amounts are stupid silly. $100,000 is more than J. Random Level 61, a mid-level PM, earns in a year.

      #3
      I've read the article and can not see anywhere that mentions that MS are paying $100,000 for bug reports, you got insider information? Also, I cannot see MS paying that amount of money to Joe Public (MS employees yes but not Joe Public).

        #4
        More details at the Microsoft Security Response Center: http://www.microsoft.com/security/ms...yprograms.aspx

        The following programs will launch on June 26, 2013:

        Mitigation Bypass Bounty. Microsoft will pay up to $100,000 USD for truly novel exploitation techniques against protections built into the latest version of our operating system (Windows 8.1 Preview). Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would. TIMEFRAME: ONGOING

        BlueHat Bonus for Defense. Additionally, Microsoft will pay up to $50,000 USD for defensive ideas that accompany a qualifying Mitigation Bypass submission. Doing so highlights our continued support of defensive technologies and provides a way for the research community to help protect more than a billion computer systems worldwide. TIMEFRAME: ONGOING (in conjunction with the Mitigation Bypass Bounty).

        Internet Explorer 11 Preview Bug Bounty. Microsoft will pay up to $11,000 USD for critical vulnerabilities that affect Internet Explorer 11 Preview on the latest version of Windows (Windows 8.1 Preview). The entry period for this program will be the first 30 days of the Internet Explorer 11 beta period (June 26 to July 26, 2013). Learning about critical vulnerabilities in Internet Explorer as early as possible during the public preview will help Microsoft make the newest version of the browser more secure. TIMEFRAME: 30 DAYS

          #5
          Key legal term there, Steve, is "up to". The first time you send them something, they will most likely pat you on the behind and say, "Sorry, we already knew about that one."

            #6
            No, they'll give out the money. Remember, this is run by Microsoft's Trustworthy Computing Group, the division that I was part of for eight of the eleven years I worked there. "Up to" is weasel wording required by the legal department. TwC is serious about this stuff, and they won't cheat people out of the rewards for discovery.

              #7
              The really critical term is "novel".

              I.E. different than Kaspersky.

              Why pay someone to sit in a cubicle typing on a term when, by random motion one "might" get a solution from the Bazaar?

              woodsmoke

                #8
                So there it is, Microsuck's final capitulation in front of their countless bugs XD
                "We can't possibly find all those bugs anymore, let's cry for help and offer $$$ in the hope someone actually finds those bloody bugs!"

                Also, "*Trustworthy* Computing Group", what a hoax. If they wanted to be even remotely trustworthy, they wouldn't be using that heavily bug-ridden, malware- and virus-loving Windows in the first place!
                Just as much of a hoax as that "Trustworthy Computing Platform" garbage.
                Kubuntu Raring Ringtail x64 w/ Kde 4.10.5

                Multimedia packages for Kubuntu x64 (x264 10bit, mplayer2, Aegisub etc.)
                http://erokawaii.org/?page_id=5181

                My stuff on kde-look.org
                http://kde-look.org/usermanager/sear...ction=contents

                  #9
                  Originally posted by Shimapan
                  Also, "*Trustworthy* Computing Group", what a hoax.
                  You should perhaps do a little bit of research before you level such unfounded criticism. The group I was in singlehandedly improved attitudes and culture of 20,000 developers and testers. That kind of organizational change rarely happens in modern business. TwC created procedures and methods that turned Microsoft around. Take a look at the various vulnerability and exploit reports you can find. You'll discover that Windows has largely been left behind by attackers, and instead they're going after applications: SQL injection, Java, JavaScript, HTML, Flash. Current versions of Windows have fewer vulnerabilities than ever before, largely because of what we did in TwC. In fact, TwC has become a model recognized by many security experts and replicated in other software firms.

                    #10
                    As a complete Newbie, I converted this laptop to Kubuntu yesterday, (this is a S/H machine and I wasn't too sanguine about the legality of the Windows 7 installed on it); anyway, at 69, if you don't keep stretching your brain you are on a short road to musty death; this morning I had Muon Discoverer crash on me half a dozen times - Am I ranting? Er, no; these things happen.

                    Almost the first thing I did was to sort out a web browser, after trying about 8 or 9 of those ones on offer, I settled for Opera as being the least worst of the bunch. With the best will in the world, none of them have the same functionality as IE10; the way bookmarks work, the adaptability of toolbars, the clumsiness of the presentation; but these are limitations I am, in part, willing to accept. Well, from anyone but Opera & Firefox, who've been in the business long enough to improve the user experience when trying to customise the toolbars. I had Firefox on this machine when it was running under W7 and got rid of it after it changed my Home Page to one of its own 3 times in 2 weeks!

                      #11
                      IIRC Muon Discover was only introduced in 13.10, I'm expecting the developers to have ironed out most of its bugs by 14.04. I rarely use it but was browsing the other day and noticed it is far better now than it was when first released, pretty good progress for such a short space of time.

                      I'm surprised you don't like chromium, how exactly were you trying to customise the toolbars? I use Firefox now but used to use Chromium, one of the things I liked about it was that its toolbars take up less vertical space than Firefox (comparing both with a bookmarks bar).

                      I agree about experimenting with new things, it's easy to fall behind if you stop exploring. The number of people at work who don't know about things like the Snipping Tool in Win7, and pressing F4 to scroll through dollar signs for absolute cell references in Excel always surprises me. These are small things, easily learned, that quickly add up to save a lot of time when used often.
                      samhobbs.co.uk

                        #12
                        Originally posted by Feathers McGraw
                        ... Chromium, one of the things I liked about it was that its toolbars take up less vertical space than Firefox
                        (OT I know, but this is the Community Café forum) check out the Littlefox add-on, a theme I think. I combine it with suppressing window decoration in kwin, and Newscrollbars to narrow the scrollbar. Every pixel counts...

                        Regards, John Little

                          #13
                          Originally posted by jlittle
                          check out the Littlefox add-on, a theme I think.
                          Thanks for the tip, I'll check it out!
                          samhobbs.co.uk
