[liberationtech] DecryptoCat
Maxim Kammerer
mk at dee.su
Thu Jul 11 11:08:17 PDT 2013
On Thu, Jul 11, 2013 at 9:04 PM, Jonathan Wilkes <jancsika at yahoo.com> wrote:
> I think the upshot of that is to steer whatever funds Cryptocat has
> toward the form of peer review that did work, which is the bug
> hunt (as well as look into other forms of peer review that would
> be more effective).
The problem with bug hunting is that, in virtually all cases, the
reward for an exploitable bug is orders of magnitude lower than what
can be fetched on the open market. So it is not a replacement for a
thorough review by experts.
--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
More information about the liberationtech
mailing list