Hacker News new | ask | show | jobs
by microtonal 2589 days ago
If I were a researcher, I'd be happy to delay for 6 months for a reward

Really? What if a nation state actor has discovered the same bug. Do you want to keep the world vulnerable for a 6 month window?

Also, most European university researchers are funded through taxpayer money. They should do what is best for the general population, not what is best of some company's stock value.
2 comments
londons_explore 2589 days ago
> Do you want to keep the world vulnerable for a 6 month window?

There exist far more bugs than discovered bugs. By revealing it, I put some people at risk (those who fail to update), and by hiding it I put more people at less risk (everyone, but only if someone else discovers the bug).

It's a tradeoff, but 6 months is a good window for most people to update, while there still not being too much chance of the bug being independently discovered.

link
krageon 2589 days ago
> most European university researchers are funded through taxpayer money

This is absolutely not a given. While it might be partially true, they are frequently also funded through corporate grants.

link
dagw 2589 days ago
The only European country where I'm somewhat familiar with research funding is Sweden and at least there direct corporate funding is a tiny sliver of the overall university research budget. And even when companies do fund research projects much of the funding is things like letting their researchers work 'for free' on the project or giving free access to data, equipment and licenses rather than cash
link
krageon 2589 days ago
I only really know two northwestern (European) countries and they are both not Sweden. Corporate funding there is "strings attached" money, both for direction and scope of the research (and in at least one case a final say on whether or not research gets published). Corporate funding is also somewhat expected, as working from just government money is a huge outlier (it is not enough).

It's interesting to see that policies differ so much even inside of the relatively wealthy parts of Europe :)

link
dagw 2589 days ago
To clarify slightly. Corporate 'co-funding' and cooperation is not uncommon in projects (and is in fact a requirement for funding in many cases), but the amount of actual cash this adds up to is a tiny percentage of the overall national university research budgets.
link