On 07/11/2013 02:08 PM, Maxim Kammerer wrote:
On Thu, Jul 11, 2013 at 9:04 PM, Jonathan Wilkes <jancs...@yahoo.com> wrote:
I think the upshot of that is to steer whatever funds Cryptocat has
toward the form of peer review that did work, which is the bug
hunt (as well as look into other forms of peer review that would
be more effective).
The problem with bug hunting is that, in virtually all cases, the
reward for an exploitable bug is orders of magnitude lower than what
can be fetched on the open market.
How do people selling exploits on the open market generally get paid?
Is it a lump sum? Per month that it's not divulged? Something else?
-Jonathan
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
