when you find a security issue better stay away from Bugcrowd

madires:
Bug bounty platforms, like Bugcrowd, are meant to help security researchers to report security issues and earn a few bucks. But Bugcrowd has changed to a quite disturbing stance: When Soatok Used Bugcrowd and Got Banned for Doing the Right Thing (https://soatok.blog/2022/06/14/when-soatok-used-bugcrowd/).

Ed.Kloonk:
Sigh.

The question I have is if this chap found a sec flaw because he happened to be poking around, why didn't anyone else?

madires:
There aren't many security experts with a deep understanding of cryptography.

Ed.Kloonk:

--- Quote from: madires on June 15, 2022, 01:25:14 pm ---There aren't many security experts with a deep understanding of cryptography.

--- End quote ---

No, I suppose not. Maybe the peeps who don't shouldn't be coding this stuff in the first place. Relying on bounties is an awful way to perfect code.

magic:

--- Quote ---After I pointed out that a) a takedown would be pointless due to an archive already existing
--- End quote ---
AKA how to get banned from an Internet website by having level 1000 autism :-DD
