Google Offers Cash For Security Fixes To Linux and Other FOSS Projects

jrepin writes "Google is offering rewards as high as $3,133.70 for software updates that improve the security of OpenSSL, OpenSSH, BIND, and several other open-source packages that are critical to the stability of the Internet. The program announced Wednesday expands on Google's current bug-bounty program, which pays from $500 to $3,133.70 to people who privately report bugs found in the company's software and Web properties." Google isn't the only company that sees the value in rewarding those who find security problems: Microsoft just paid British hacker James Forshaw $100,000 for finding a serious security flaw in Windows 8.1.

Re:No.

[girlintraining]

Still, I think they should get a little credit for offering money for stuff that benefits us all (including them of course).

They get NO credit. None. They're raking in billions of dollars on products which use this software. Imagine if similar products were only available through commercial vendors. They'd be paying tens to hundreds of millions in licensing and support fees every year for the guarantee that bugs found would be fixed, and proper code auditing had been done to minimize vulnerabilities. Instead, they get handed a free beer and told they can have as many more as they want, with the only thing being a stipend at the bottom saying "If you really like this product, please donate some money to the authors so they can continue work on it."

No. Google gets no credit. Google fails. Google is booted out of the class and banned from school. These people are being so unbelievably cheap and unethical at the same time they deserve nothing but our ridicule.