What's interesting here is that the VLC team (partially) implemented what Alex I... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Aissen on June 10, 2019 \| parent \| context \| favorite \| on: VLC 3.0.7 and security What's interesting here is that the VLC team (partially) implemented what Alex Ionescu called for in the conclusion of his SSTIC 2019 keynote "Pay for the fix, not for the bug": https://www.sstic.org/2019/presentation/keynote_2019/ They did pay for the bugs, but with "large extra-bonuses for fixes". Maybe this will pave the road to a different approach.

archgoon on June 10, 2019 [–]

This seems like it would incentivize simply selling to grey markets.

baby on June 10, 2019 | [–]

If you're an asshole there isn't much they can do.

m1sta_ on June 10, 2019 | | [–]

Criminal.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact