Comment on AMD changes rules, denies researcher $10,000 bounty after taking 124 days to patch security flaw
Onomatopoeia@lemmy.cafe 2 days agoAnd simply paid they guy out of appreciation.
I generally support the model we’ve had for. Bug disclosure - it’s about preventing zero days which protects the users of these products.
But for AMD stuff now, go ahead and sell your discoveries, let the zero-days ruin AMDs marketing.