Selling exploits is more of a legal gray area depending on jurisdiction and licensing.
why anyone would trust these companies to pay out
AFAIK, they historically have
why anyone would help them fix their problems at this point
They’re not “helping,” they’re trying to get paid by finding exploits legally, rather than using them illegally. And if someone is particularly good, it can be lucrative work. It’s historically been a mutually beneficial arrangement, so it’s ironic if M$lop thinks they can cut out human researchers (ostensibly swapping them for AI agents) and still maintain a secure codebase.
To me, this is M$lop trying to cut costs from the wrong thing; may they get what they deserve.
redsand@infosec.pub 3 days ago
grey_maniac@lemmy.ca 3 days ago
ETA? In my life experience that means estimated time to arrival. What do you mean in this context?
avguser@lemmy.world 3 days ago
Edited to add
Zoop@beehaw.org 3 days ago
In this context, it means ‘edited to add’