Bruce Schneier already posit that hack-a-thing challenge is not a good test or p... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		devchix on April 27, 2020 \| parent \| context \| favorite \| on: US Air Force Space Security Challenge 2020: Hack-a... Bruce Schneier already posit that hack-a-thing challenge is not a good test or proof of whether a thing is vulnerable. Back in the days when everyone was coming out with hash and cipher algo there were bounties offered as PR of how strong thingX was. Not everyone is going to take up a challenge, if I were a real criminal I would discover the vulnerability (if any) and keep it to myself because the exploit, especially a secret one, is worth more than the bounty, and has a longer pay period.

exabrial on April 27, 2020 [–]

Agree 100%, if someone was to seriously think and ad-hoc team was a replacement for a formal security audit... well they get what they deserve. I'm not sure where these fall in the mix, but they definitely seem useful, more eyes on a problem the better.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact