Zdnet has a post about Google's recent hiring of Michal Zalewski. Michal has been keeping both Microsoft and Mozilla busy this year by finding and reporting bugs in both browsers. He will be a great addition to the Google Security team.
http://blogs.zdnet.com/security/?p=410 |
How do they know whether he's doing his job properly? Does he have a security hole quota to reach? Will the development teams be planting security holes in beta releases to test him? :-)
This reminds me of a time when a lecturer at Manchester University once asked a room full of soon-to-be Computer Science students how many bugs a successful bug test should find. Of course, everyone said "zero" but he said the correct answer was "many". |
I hope for the public's sake they don't start testing this guy's skill by adding security holes to beta releases. Remember most of Google's products are in beta. ;) |
