Microsoft, Facebook: We'll pay cash if you can poke a hole in the INTERNET

Overzealous PR

Nice of them to go public before the projects affected have had time to deliberate on the potential issues arising (like, for example, finding ourselves at the receiving end of lots of bounty-motivated NOTABUG reports).

::shrugs::

Kernel mailing lists have existed for a reason, for decades.

And they are not driven by corporate marketing.

Still no assurance worth a damn

Show me coding practices that I can audit. Show me security from the get-go instead of "oh damn, we've got a tick box left" at the end of development. Show me evidence of PROCESS, not that a certain set of people with a certain skill set cannot break certain products from certain parts of the planet using certain techniques (there's more, but any "certain" is a variable that can invalidate the result as evidence of security).

Anyone who finds a hole is not going to hand that to Google of Microsoft, they'll be selling it on the market to either criminals or to NSA or their brethren in other nations as that offers much improved return on investment.

All this white hat BS is not evidence of security, it's merely a final check of a process that should be in place. Show me that first, and then I will still laugh at you because both are US companies and are thus quite simply unable to keep any data confidential. But that's a separate topic. Enough with the marketing BS already.