Published at LXer:
Paying independent security researchers a bounty for responsibly disclosing vulnerabilities is not the best way to protect users, according to Microsoft. [...] Numerous companies offer a "bug bounty" including Firefox maker Mozilla. [It's a matter of supply and demand. MS supplies so many vulnerabilities that no one could afford to pay more than pennies apiece to find them. -- grouch]
Read More...