1995-10-17 - Re: Netscape rewards are an insult

Header Data

From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Message Hash: c46c650f937737ccfa5ffc093f2e94fcd5c5f2fed56f6791c4b27e87400d62e4
Message ID: <3082EDD2.20C9@netscape.com>
Reply To: <199510152232.SAA12387@book.hks.net>
UTC Datetime: 1995-10-17 03:21:11 UTC
Raw Date: Mon, 16 Oct 95 20:21:11 PDT

Raw message

From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 20:21:11 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510152232.SAA12387@book.hks.net>
Message-ID: <3082EDD2.20C9@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


David A Wagner wrote:
> I do think their ``bug bounty'' system is an improvement -- at least
> they're showing some concern for security, and beginning to admit
> that outside review of security-critical code is...well...critical.

  The whole bug bounty thing is an experiment.  We have no idea how
valuable it will be, but we thought it would be worth trying.  As we
gain more experience with it, we will probably evolve it.

> Still, I do agree that they really oughta be employing true experts
> to carefully evaluate their system, if they wanna claim anything about
> its security.

  We are doing that to.  We are paying outside consultants to review
everything related to security.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





Thread