A Google Engineer Is Teaching Hackers How To Break Microsoft's Software
It's his latest move in a long-running skirmish he's had with the security folks in Redmond. He thinks they take too long to fix bugs that researchers like him find and submit to them.
So, he's trying to force them to respond faster by finding bugs and telling people about them. In this case, he even wrote an "exploit" and published that too. An exploit is the code hackers use. It's how they hack.
He's not being particularly malicious. By publishing the exploit, the good guys can see the problem just as the bad guys can.
Still, there's a long-standing code-of-ethics in the security world. If you find something broken in someone else's code, you are supposed to tell the company and give it 30-60 days to fix it before you reveal the hack to the world (called disclosure).
Meanwhile, Ormandy also has a reputation. In 2010, he angered many in the security world by only giving Microsoft five days before publishing a vulnerability he found.
Now Ormandy's employer, Google, has stepped in and sided with Ormandy.
Last week Google said that if its engineers find security flaws in other's code, they will only wait seven days before disclosing it the world.
- Culinary odyssey: Exploring Kochi's 10 famous cuisines
- Scientists have finally figured out what happened to the lost continent ‘Argoland’ that went missing 155 million years ago
- Revamp your health in 2024: 10 Essential food habits for a better life
- Consistent inflows push small-cap funds AUM past Rs 2 lakh cr mark in Nov
- Ola Electric aims to raise nearly Rs 5,800 cr via IPO, to file DRHP