Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] DecryptoCat

Nadim Kobeissi nadim at nadim.cc
Thu Jul 11 11:53:23 PDT 2013


On 2013-07-11, at 2:08 PM, Maxim Kammerer <mk at dee.su> wrote:

> On Thu, Jul 11, 2013 at 9:04 PM, Jonathan Wilkes <jancsika at yahoo.com> wrote:
>> I think the upshot of that is to steer whatever funds Cryptocat has
>> toward the form of peer review that did work, which is the bug
>> hunt (as well as look into other forms of peer review that would
>> be more effective).
> 
> The problem with bug hunting is that, in virtually all cases, the
> reward for an exploitable bug is orders of magnitude lower than what
> can be fetched on the open market. So it is not a replacement for a
> thorough review by experts.

There was a recent article on this:
http://threatpost.com/researchers-find-bug-bounty-programs-pay-economic-rewards/101243

NK

> 
> --
> Maxim Kammerer
> Liberté Linux: http://dee.su/liberte
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech




More information about the liberationtech mailing list