[00:23] < constant> I found out about www.zerodayinitiative.com some time ago.
After looking at some Firefox reports back when I found the site, and
now again, it strikes me that Firefox vulnerabilities are reported by
anonymous researchers...
[00:24] < constant> i.e. someone introduces a bug to mozilla, then reports it
to ZDI, and then gets paid for the bug being fixed? :)
[00:24] < constant> Or maybe not introduces, but finds a bug in a patch
submitted by a contributor, but puts an r+/sr+ on the patch
nonetheless?
[00:25] < constant> I mean, why would you not want to get credit for finding
some mozilla bugs?
[00:26] < constant> http://www.zerodayinitiative.com/advisories/ZDI-06-051.html
[00:28] < constant> any comments?