Comments on: Crowdsource Security Testing http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/ A Technology Crow in search of Bright Shiny Objects Tue, 16 Mar 2010 15:01:48 -0600 http://wordpress.org/?v=2.9.2 hourly 1 By: uTest - Beta Testers Community. http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-25222 uTest - Beta Testers Community. Thu, 14 Feb 2008 15:16:14 +0000 http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-25222 With the software evolution, to offer to their users more features and become compatible with the most popular operative systems, some software applications tend to have hidden bugs. Imagine if you are Bill Gates, and you want to know if the last version of Word contains bugs! Microsoft and other companies uses the power of their community to test their software (and of course report bugs) and in exchange the testers will receive a discount, money or a software application. [...] http://blog.belive.ws/2008/02/13/utest-beta-testers-community/ Regards, Adriano Lopes With the software evolution, to offer to their users more features and become compatible with the most popular operative systems, some software applications tend to have hidden bugs. Imagine if you are Bill Gates, and you want to know if the last version of Word contains bugs! Microsoft and other companies uses the power of their community to test their software (and of course report bugs) and in exchange the testers will receive a discount, money or a software application. [...]

http://blog.belive.ws/2008/02/13/utest-beta-testers-community/

Regards,
Adriano Lopes

]]> By: Chris http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-24800 Chris Sun, 10 Feb 2008 20:34:33 +0000 http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-24800 @David Along those lines. But more of a "Hey, we're about to launch MyShinySite. The exposed beta is at http://MyShinySite.com/beta2 -- who can find any security holes?" Kinda of a get paid to hack or crowdsourced penetation test. Granted, maybe it would end up being an easy way to DDOS and crumble a beta site... perhaps a "gate keeper" would be necessary so it doesn't get flooded. Interesting to noodle on though. @David Along those lines.

But more of a “Hey, we’re about to launch MyShinySite. The exposed beta is at http://MyShinySite.com/beta2 — who can find any security holes?”

Kinda of a get paid to hack or crowdsourced penetation test.

Granted, maybe it would end up being an easy way to DDOS and crumble a beta site… perhaps a “gate keeper” would be necessary so it doesn’t get flooded.

Interesting to noodle on though.

]]> By: David Giesberg http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-24793 David Giesberg Sun, 10 Feb 2008 19:07:12 +0000 http://www.solo-technology.com/blog/2008/02/10/crowdsource-security-testing/#comment-24793 Like a bounty-based system? (Break into system X and complete task Y and collect Z dollars/credits/etc) Like a bounty-based system? (Break into system X and complete task Y and collect Z dollars/credits/etc)

]]>