On 2013-07-11, at 2:08 PM, Maxim Kammerer <m...@dee.su> wrote: > On Thu, Jul 11, 2013 at 9:04 PM, Jonathan Wilkes <jancs...@yahoo.com> wrote: >> I think the upshot of that is to steer whatever funds Cryptocat has >> toward the form of peer review that did work, which is the bug >> hunt (as well as look into other forms of peer review that would >> be more effective). > > The problem with bug hunting is that, in virtually all cases, the > reward for an exploitable bug is orders of magnitude lower than what > can be fetched on the open market. So it is not a replacement for a > thorough review by experts.
There was a recent article on this: http://threatpost.com/researchers-find-bug-bounty-programs-pay-economic-rewards/101243 NK > > -- > Maxim Kammerer > Liberté Linux: http://dee.su/liberte > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech