Premium Content

Access "The Pipe Dream of No More Free Bugs"

Published: 20 Oct 2012

Information Security magazine, May issue Download the entire May issue of Information Security magazine here in PDF format. By MICHAEL S. MIMOSO, Editor No More Free Bugs is the new security researcher credo. A few high-profile bug hunters have decided gratis is a goner and they're not giving away their work for nothin' no more. Vendors such as Apple, Oracle and Microsoft can find their own browser bugs and buffer overflows. These guys are taking their keyboards and fuzzers and are going home. The reason for the change in attitude is apparently twofold: 1) Bugs are hard to find. What used to take a couple of hours of spare time to find now takes a weekend -- or a week, or a month; and 2) yesterday's young bug-finder is today's adult complete with spouses, kids, mortgages and bills to pay. They're not going to be satisfied with a tip-of-the-cap mention in the Patch Tuesday bulletin any more. Gratis is a goner. The revolution began at the CanSecWest conference in March in Vancouver where Charlie Miller won the Pwn2Own contest for the second consecutive year, ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

    • Cybersecurity Act of 2009: Power grab, or necessary step?

      The Cybersecurity Act of 2009, also known as S.773, would give the president unprecedented authority over federal and private networks. Experts debate whether it's a power grab, or a signal of the seriousness of threats to critical infrastructure.

    • Ease the compliance burden with automation

      Manual compliance processes are error-prone and drain corporate IT resources. Automated tools make a difference if you apply them to a well-organized compliance program.

More Premium Content Accessible For Free