I've said this several times but never posted it. Tavis, you are awesome.
Google hacker Tavis Ormandy and security firm Bromium have handed Amnesty International US$30,000 (£20,443, AU$40,242) in bug bounty cash awarded after the former broke the latter's security controls. Ormandy donated his US$15,000 (£$10,214, A$20,104) winnings under Bromium's hacking challenge, in which researchers were …
Friday 15th July 2016 15:09 GMT El Limerino
A good PR save by messers Crosby et al. Bromium had no bug bounty (which is common practice at start-ups, especially those in security) prior to this marketing BS exercise of daring anyone to break their product. Then someone promptly broke it. Twice. As they admit, they didn't expect that. Ooops. Red faces all round. Better start a bug bounty program and pay up, then launch marketing BS in the form of Crosby saying how someone quickly deflating Bromium's hubris by doing what they expected nobody to do was a great and noble thing. Well it was, just not in the way Mr Crosby spins it.