Microsoft Paid $100,000 for Finding Bug in Windows 8.1 Added: Wednesday, October 30th, 2013
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2013, www.extratorrent.cc
The software giant has paid $100,000 to the UK researcher James Forshaw, who found a critical security flaw in Microsoft’s upcoming Windows 8.1 OS.
Forshaw, a researcher for the security company, has found a “mitigation bypass”. This hack circumvented the built-in protection systems that could have allowed intruders access to the system.
Microsoft said it couldn’t provide any details of that mitigation bypass technique until it found a way to address it. However, the software giant promised to strengthen platform-wide mitigations, and make it harder to exploit vulnerabilities in all software that runs on Windows platform, not only their own apps.
The researcher admitted it had taken him 25 days to find the bug, responding to “a very specific brief” from the software giant. Forshaw originally came up with the winning idea sitting at home and pondering what he could do. $100,000 bounty is a lot of money, but James Forshaw said that he wasn’t talking retirement money there. Indeed, when it comes to security flaw bounties like Microsoft’s, most of it goes to the company. Actually, even if it didn’t, after paying taxes it is already not a life-changing amount.
The researcher admitted that using outside experts was just part of the process due to the scale of the task involved. The software giant has a huge security department which actively looks for software bugs in its products, but it might be just a problem of being too close to the product – you simply cannot see the wood for the trees. Forshaw recommends to step back and take a look at the entire product and its interactions in order to find the higher-level flaws.
It seems that outsourcing is also important from a monetary point of view. In fact, the company couldn’t dedicate enough resources to find everything, because it is cheaper to pay external researchers bounties like this one. Apparently, there is only a finite pool of talented people who are able to find vulnerabilities in software products.
One can argue that the bugs and vulnerabilities should not exist in the first place, but everyone knows that humans are fallible and nobody can write perfect code.
October 30th,2013Posted by:
Wednesday, October 30th, 2013
|Anything man made, can be un-man made|
|Dr Who, in an episode played by Tom baker years ago, gave this definition: Entropy - The more you put it together, the more it falls apart.|
|Its like virus protection,never mind MAN made,anything that invented by a HUMAN,can be defeated by a human!|
|I knew windows 8.1 was not ready, when it come out and tested it not bad for start, but for bug what a shame. But this is not the end for windows media centre as well as many users got free product keys to get WMC for windows 8 through your email accounts. Now my product key is now blocked thanks Microsoft, Microsoft should desgined a product key regsitering page simular to office 365 so it links to your email account so they know who's got a popper copy of Windows 8 and WMC. So if you reinstalled it on your hard drive or a any other pc. at least Microsoft tells you that key is yours and not saying its blocked.||
Most Popular Stories