There is a good broker service for this. Tipping Point's Zero day initiative. Register, submit your vulnerability, they research it, contact the vendor, and pay you for your 0day finding.
Eric S. Raymond's "Many Eyes" theory has really not stood the test of time. Some research has indicated the security defect rate between open and closed commercial software is about the same (i.e. it relates to your languages and your developers' security skill levels, not to the number of POTENTIAL code reviewers). Open source code and vulnerabilities sit in plain view for years without public discovery.
What has been shown is that sometimes, commercial operations have a framework standing by to deal with security problems when they arise. In this case, it doesn't appear NVidia's security response team was doing anything but who knows. The fact of the matter is non commercial open source projects have such a security incident response team much less often. The Apache project is a good exception.
Slashdot Mirror
I wasn't too sure how well Mandarin is universally understood in China. China has an ass-load of languages.
Or Argentina?
Hint: Google Maps can help you determine which countries allow minimum overland journey times of 36 hours or greater.
Or Chile?
Or Brazil?
Or Australia?
Have you ever heard of Russia or Canada?
There is a good broker service for this. Tipping Point's Zero day initiative. Register, submit your vulnerability, they research it, contact the vendor, and pay you for your 0day finding.
Eric S. Raymond's "Many Eyes" theory has really not stood the test of time. Some research has indicated the security defect rate between open and closed commercial software is about the same (i.e. it relates to your languages and your developers' security skill levels, not to the number of POTENTIAL code reviewers). Open source code and vulnerabilities sit in plain view for years without public discovery.
What has been shown is that sometimes, commercial operations have a framework standing by to deal with security problems when they arise. In this case, it doesn't appear NVidia's security response team was doing anything but who knows. The fact of the matter is non commercial open source projects have such a security incident response team much less often. The Apache project is a good exception.
Disclaimer: I do this for my day job!
Fucking WHOOSH
It worked for me, dipshit.
Yes, we like it white now, not black and smouldering anymore, thanks.
Once again, let me clarify: Canada was not targeted by two continents; it was targeted by The United States of America.
I think my point is pretty well made now. Yours too, apparently.
If you don't like grammar, I bet you $1 your code doesn't compile. Or your network is routed incorrectly.
Shit security on their end, and that posting does NOT look like an apology.
And what's this BS about expecting the most hostile network? I thought that was DEFCON...
Thank you. The Canadians did not fight two wars against two continents, including their own; they only needed to target the United States of America.
I agree as a capitalist consumer you should have a choice. But why do you think cable is better than ADSL?
You must hate communicating.
...but not Canadians. Wonder why?
Lutefisk is Norwegian, you RACIST
Care to explain??
I would never tell you this to your face, but is your fault Slashdot sucks! (at least today)
WTFing F???
Toru -> Toru -> http://en.wikipedia.org/wiki/Toru%C5%84
Grr, stupid iPhone.
Toru -> Toru
AC -> FormOfActionBanana, "not from Europe and it shows"
What would someone in Poland do with my car keys?
BA has never lost my bag. I fly BA about 30 times a year.
Flying in the pre-9/11 United States, my bags would be "lost" (ie arriving later) about 50% of the time.
Just wondering if you've had anyone review your buffer overflows, AC?