
FBI reportedly bought exploit from hackers to access San Bernardino iPhone

Lucian Constantin | April 14, 2016
The agency is still working through questions about sharing the vulnerability with Apple.

Some software vendors have set up bug bounty programs and pay hackers for privately reporting vulnerabilities found in their products. However, the rewards paid by vendors cannot compete with the amount of money that governments can and are willing to pay for the same flaws.

"I would rather vendors not try to compete in the bidding, but rather focus on eliminating the market entirely by creating secure products from the very beginning," said Jake Kouns, chief information security officer at vulnerability intelligence firm Risk Based Security, via email.

Software vendors should instead "invest significant money, energy, and time" into training developers on secure coding practices and reviewing code before releasing it, he added.

