Overclock.net › Forums › Industry News › Software News › [UB] Microsoft Offers $100,000 Bounty For Windows 8.1 Exploits
New Posts  All Forums:Forum Nav:

[UB] Microsoft Offers $100,000 Bounty For Windows 8.1 Exploits - Page 4

post #31 of 38
Quote:
Originally Posted by Blooddrunk View Post

They did this with Windows 7. Not uncommon really.
I don't think they did. There are the pwn to own and similar events, but that's about it.

This is actually notable since MS (and most of the "traditional" software vendors) do not provide bounties. This is one thing that sets Google, Facebook, and similar apart that they would pay for these issues.

It certainly will cost MS money, but what it will buy them in public perception (and, even increased reporting of exploits) is well worth it.
Micro Dance
(8 items)
 
  
CPUMotherboardGraphicsRAM
i7-4790k z97i-plus EVGA GTX980 SC 16GB Team Xtreme 2400 
Hard DriveCoolingOSCase
512GB Samsung SSD 830 NH-L12 Windows 10 EVGA Hadron Air 
  hide details  
Reply
Micro Dance
(8 items)
 
  
CPUMotherboardGraphicsRAM
i7-4790k z97i-plus EVGA GTX980 SC 16GB Team Xtreme 2400 
Hard DriveCoolingOSCase
512GB Samsung SSD 830 NH-L12 Windows 10 EVGA Hadron Air 
  hide details  
Reply
post #32 of 38
I imagine it's a lot harder than it seems to actually qualify for the $100k.
Quote:
Originally Posted by ez12a View Post

this. they dont need to hire full time employees, pay benefits, etc. instead a 1 time payment of 100k and that's it. Still pretty good if someone can find an exploit quickly.

Yep. They are literally just paying for results.
Black 2012
(18 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 2500k Stock Asrock Z77 Extreme3 Motherboard XFX AMD Radeon HD 6850 16GB (4x4gb) G. Skill Sniper 1333mhz 
Hard DriveHard DriveHard DriveHard Drive
Crucial M4  Western Digital Caviar Black Western Digital Elements Seagate Barracuda 6GB/s 
Optical DriveCoolingOSKeyboard
LG Lightscribe 22x DVD RW R+ R- Noctua NH-D14 Windows 7 Professional x64 Logitech G11 
PowerCaseMouseMouse Pad
Seasonic 750w Gold Fractal Design R4 (Windowed) Logitech G5 Ratpadz GS 
AudioAudio
Bose Companion 2 Sennheiser HD280 Pro 
  hide details  
Reply
Black 2012
(18 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 2500k Stock Asrock Z77 Extreme3 Motherboard XFX AMD Radeon HD 6850 16GB (4x4gb) G. Skill Sniper 1333mhz 
Hard DriveHard DriveHard DriveHard Drive
Crucial M4  Western Digital Caviar Black Western Digital Elements Seagate Barracuda 6GB/s 
Optical DriveCoolingOSKeyboard
LG Lightscribe 22x DVD RW R+ R- Noctua NH-D14 Windows 7 Professional x64 Logitech G11 
PowerCaseMouseMouse Pad
Seasonic 750w Gold Fractal Design R4 (Windowed) Logitech G5 Ratpadz GS 
AudioAudio
Bose Companion 2 Sennheiser HD280 Pro 
  hide details  
Reply
post #33 of 38
Also IE well time to scout biggrin.gif
post #34 of 38
Quote:
Originally Posted by 8800GT View Post

Well if we see any "Best rig for $100,000" threads created we know why wink.gif

Best rig for $100,000
Power Bac G5
(8 items)
 
  
CPUGraphicsRAMHard Drive
i5 6600K @ 4.5Ghz R9 280X with no FreeSync support 8GB 2800Mhz Samsung 850 EVO 250GB 
Hard DriveMonitorPowerCase
2x ADATA SP550 120GB RAID 0 AOC 4k FreeSync TN Panel EVGA SuperNova NEX 750B Parts Directly On Top Cardboard Box 
  hide details  
Reply
Power Bac G5
(8 items)
 
  
CPUGraphicsRAMHard Drive
i5 6600K @ 4.5Ghz R9 280X with no FreeSync support 8GB 2800Mhz Samsung 850 EVO 250GB 
Hard DriveMonitorPowerCase
2x ADATA SP550 120GB RAID 0 AOC 4k FreeSync TN Panel EVGA SuperNova NEX 750B Parts Directly On Top Cardboard Box 
  hide details  
Reply
post #35 of 38
The exploits would be worth more on the open market.
post #36 of 38
Quote:
Originally Posted by Tsumi View Post

It would probably cost them more than $100,000 in paid hours to have a hacker discover exploits, and take a lot more time too.

This way, they have the work of an entire hacking community, and they have to pay just one of them.
i dont tink if the guy find 2 exploits is going to recive one price.
if it was me il present one.get the money and present the other and get more money.
and there is for shure a lot of exploits windows 8 is far away from bieng perfect.
other thing i just think microsoft puted this because they really want people using windows 8.
windows 8 sucks thats why
post #37 of 38
Quote:
Originally Posted by s-x View Post

The exploits would be worth more on the open market.

Sadly this is known to be true.

I know there has been at least one security firm that has said they wouldn't sell a Google Chrome exploit to google even for a million dollars...but to my knowledge there has only been a handful of submissions that were paid over $10,000. Most of these exploits can be sold on the market for A LOT of money to corporations that will turn them into data mining tools. So really all any one is trying to do is get some bored Computer Science Masters Student software test for them to get some extra money for their Spring Break trip.
Edited by Vagrant Storm - 6/24/13 at 9:14am
My System
(16 items)
 
  
CPUMotherboardGraphicsGraphics
2600K @ 4.7GHz Asus P8P67 B3 GTX 580 EVGA Hydro Copper 2 GTX 580 EVGA  
RAMHard DriveOptical DriveOS
4x4GB G.Skill Ripjaws bunch of 'em Blu-Ray For movies Windows 8.1 
MonitorMonitorKeyboardPower
24.4" Hans G HH251 X2 Yamakasi DS270  Blah 1000watt Super Flower 
CaseMouseMouse PadAudio
Built into Desk Microsoft SideWinder X8 Comfy one... Creative Extreme Gamer 
  hide details  
Reply
My System
(16 items)
 
  
CPUMotherboardGraphicsGraphics
2600K @ 4.7GHz Asus P8P67 B3 GTX 580 EVGA Hydro Copper 2 GTX 580 EVGA  
RAMHard DriveOptical DriveOS
4x4GB G.Skill Ripjaws bunch of 'em Blu-Ray For movies Windows 8.1 
MonitorMonitorKeyboardPower
24.4" Hans G HH251 X2 Yamakasi DS270  Blah 1000watt Super Flower 
CaseMouseMouse PadAudio
Built into Desk Microsoft SideWinder X8 Comfy one... Creative Extreme Gamer 
  hide details  
Reply
post #38 of 38
Quote:
Originally Posted by Pr0xy View Post

Why don't they just do what most companies do and hire security firms...

Or is this just a way to showoff? lol

I'm sure they have also hired security firms, but this is mostly a publicity stunt that will also help find potential exploits.

Quote:
Originally Posted by Vagrant Storm View Post

Sadly this is known to be true.

I know there has been at least one security firm that has said they wouldn't sell a Google Chrome exploit to google even for a million dollars...but to my knowledge there has only been a handful of submissions that were paid over $10,000. Most of these exploits can be sold on the market for A LOT of money to corporations that will turn them into data mining tools. So really all any one is trying to do is get some bored Computer Science Masters Student software test for them to get some extra money for their Spring Break trip.

Yeah that's true I guess. But it could also be some white hat hackers, people with morals, or people who want to stay legitimate.

Even if you don't use Windows or you can protect yourself, you would be screwing people who do by selling the exploits in that way. Even if you don't like Microsoft, it's better for the general public for Windows to be secure.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [UB] Microsoft Offers $100,000 Bounty For Windows 8.1 Exploits