The Reston, Va., security intelligence outfit threw out the monetary reward to hackers as part of a challenge program aimed at luring researchers to its controversial pay-for-flaw VCP (Vulnerability Contributor Program).

VeriSign Offers Hackers $8,000 Bounty on Vista, IE 7 Flaws – eWeek.com

Verisignの研究所がVistaとIE7のバグ探しに賞金を掛けたらしい。素人目には、どんどんバグとかセキュリティ・ホールを発見して危険を排除していって欲しいと思う。愉快犯のハッカーもこの際、後ろ向きの快感を得るのを止めてお金を稼げはいいのに、という気もするが、一方でこういった行為には反対意見もある模様で、よく分かりません。

“People should never be rewarded for breaking into software and finding weaknesses. They should do it out of a need to create a more secure environment for everyone,” said one researcher, who declined to be identified.

Paying for Flaws: Undermining Security or Rewarding Good Deeds? – eWeek.com

広告