Re: Google open redirect

[Charles Morris <cmorris () cs odu edu>]

I'm sure you are right about Google's intentions, it doesn't really
make it any less palatable to me however.

I'm just ranting really. haha


On Thu, Dec 8, 2011 at 10:13 AM, Pablo Ximenes <pablo () ximen es> wrote:
> Well, I usually support adopting business models into processes that help
> society, so I would agree with you on the "monetary philosophy".
>
> But the strategy here isn't (as I understand) driving pro's into the
> program, but getting rid of unilateral vuln disclosures that happen mostly
> without direct monetary compensation. So, I thing Google's program is
> directed to those that already are willing to gain no money for their work
> in disclosing vulns. Again, this is just my point of view.
>
>
>
> 2011/12/8 Charles Morris <cmorris () cs odu edu>
> > Granted, but I know that vulnerability research can take a huge chunk
> > of time out of a person's life,
> > and without getting in to "monetary philosophy", I feel that in our
> > current system, a person should
> > be compensated for their time if they've done something useful for
> > society.
> > That's sort of the point of the way we use money.
> >
> > On Thu, Dec 8, 2011 at 10:03 AM, Pablo Ximenes <pablo () ximen es> wrote:
> > > I think the reward is intended as a symbolic token of appreciation, and
> > > not
> > > as compensation. That's why they give you the option to donate your cash
> > > reward instead of keeping the money. I think what really drives
> > > researchers
> > > into Google's program is recognition and not compensation, IMHO.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/