when you find a security issue better stay away from Bugcrowd
madires:
Bug bounty platforms, like Bugcrowd, are meant to help security researchers to report security issues and earn a few bucks. But Bugcrowd has changed to a quite disturbing stance: When Soatok Used Bugcrowd and Got Banned for Doing the Right Thing (https://soatok.blog/2022/06/14/when-soatok-used-bugcrowd/).
Ed.Kloonk:
Sigh.
The question I have is if this chap found a sec flaw because he happened to be poking around, why didn't anyone else?
madires:
There aren't many security experts with a deep understanding of cryptography.
Ed.Kloonk:
--- Quote from: madires on June 15, 2022, 01:25:14 pm ---There aren't many security experts with a deep understanding of cryptography.
--- End quote ---
No, I suppose not. Maybe the peeps who don't shouldn't be coding this stuff in the first place. Relying on bounties is an awful way to perfect code.
magic:
--- Quote ---After I pointed out that a) a takedown would be pointless due to an archive already existing
--- End quote ---
AKA how to get banned from an Internet website by having level 1000 autism :-DD