from the imagine-a-giant-virtual-fence dept.
hypercard writes: It seems justaboutevery major tech company and even a few other large non-tech corporations have bug bounty programs as part of an effort to improve security through a community effort. Captains Rock Stevens and Michael Weigand, both Cyber officers in the U.S. Army, recently published Army Vulnerability Response Program, an outline for a legal way of disclosing bugs in Army software and networks. They say, "[T]he Army does not have a central location for responsibly disclosing vulnerabilities found through daily use, much less a program that can permit active security assessments of networks or software solutions. Without a legal means to disclose vulnerabilities in Army software or networks, vulnerabilities are going unreported and unresolved."
Top Ten Things Overheard At The ANSI C Draft Committee Meetings:
(8) I'm on the committee and I *still* don't know what the hell
#pragma is for.