A Google Engineer Is Teaching Hackers How To Break Microsoft's Software
It's his latest move in a long-running skirmish he's had with the security folks in Redmond. He thinks they take too long to fix bugs that researchers like him find and submit to them.
So, he's trying to force them to respond faster by finding bugs and telling people about them. In this case, he even wrote an "exploit" and published that too. An exploit is the code hackers use. It's how they hack.
He's not being particularly malicious. By publishing the exploit, the good guys can see the problem just as the bad guys can.
Still, there's a long-standing code-of-ethics in the security world. If you find something broken in someone else's code, you are supposed to tell the company and give it 30-60 days to fix it before you reveal the hack to the world (called disclosure).
Meanwhile, Ormandy also has a reputation. In 2010, he angered many in the security world by only giving Microsoft five days before publishing a vulnerability he found.
Now Ormandy's employer, Google, has stepped in and sided with Ormandy.
Last week Google said that if its engineers find security flaws in other's code, they will only wait seven days before disclosing it the world.
- Should you be worried about the potential side-effects of the Covishield vaccine?
- India T20 World Cup squad: KulCha back on menu, KL Rahul dropped
- Sales of homes priced over ₹4 crore rise 10% in Jan-Mar in top 7 cities: CBRE
- Gold prices fluctuate as geopolitical tensions ease; US Fed meeting, payroll data to affect prices this week
- Best beaches to visit in Goa in 2024
- Nothing Phone (2a) blue edition launched
- JNK India IPO allotment date
- JioCinema New Plans
- Realme Narzo 70 Launched
- Apple Let Loose event
- Elon Musk Apology
- RIL cash flows
- Charlie Munger
- Feedbank IPO allotment
- Tata IPO allotment
- Most generous retirement plans
- Broadcom lays off
- Cibil Score vs Cibil Report
- Birla and Bajaj in top Richest
- Nestle Sept 2023 report
- India Equity Market