sanitation@lemmy.today to Technology@lemmy.worldEnglish · 1 day agoAMD changes rules, denies researcher $10,000 bounty after taking 124 days to patch security flawwww.techspot.comexternal-linkmessage-square50linkfedilinkarrow-up1585arrow-down12
arrow-up1583arrow-down1external-linkAMD changes rules, denies researcher $10,000 bounty after taking 124 days to patch security flawwww.techspot.comsanitation@lemmy.today to Technology@lemmy.worldEnglish · 1 day agomessage-square50linkfedilink
minus-squareITGuyLevi@programming.devlinkfedilinkEnglisharrow-up65arrow-down2·19 hours agoA long time ago I felt like bug bounty programs would be an amazing way forward… Now I’m firmly in the camp of fuck it, sell it to the highest bidder.
minus-squareRememberTheApollo_@lemmy.worldlinkfedilinkEnglisharrow-up17arrow-down2·15 hours agoThe only issue with doing that is selling it to a nefarious party hurts the users and not really AMD. Or at least it isn’t hurting AMD anywhere near as much as it might hurt an innocent party.
minus-squareSculptor9157@sh.itjust.workslinkfedilinkEnglisharrow-up34·15 hours agoAnd that is a risk AMD is willing to take.
minus-squareKnock_Knock_Lemmy_In@lemmy.worldlinkfedilinkEnglisharrow-up1·13 hours agoDepends if the company has a history of honoring bounties or not.
A long time ago I felt like bug bounty programs would be an amazing way forward… Now I’m firmly in the camp of fuck it, sell it to the highest bidder.
The only issue with doing that is selling it to a nefarious party hurts the users and not really AMD. Or at least it isn’t hurting AMD anywhere near as much as it might hurt an innocent party.
And that is a risk AMD is willing to take.
Depends if the company has a history of honoring bounties or not.