top | item 12308204 (no title) salem | 9 years ago Makes you wonder if they could have made more money by pretending to find them and reporting them to the respective bug bounty programs. discuss order hn newest wcummings|9 years ago Bug bounties almost never pay market value for exploits. Only reason to participate in them is charity. kbenson|9 years ago And legality. I'm not sure why people seem to entirely discount that portion. There's more reward by selling on the black market, but there's also more risk associated with that. load replies (3) schoen|9 years ago > Only reason to participate in them is charity.Maybe believing that it's good when fewer vulnerabilities exist and when attackers are less able to exploit things? Does that count as charity? load replies (1) dtemp|9 years ago Getting a CVE on your resume isn't bad either. unknown|9 years ago [deleted]
wcummings|9 years ago Bug bounties almost never pay market value for exploits. Only reason to participate in them is charity. kbenson|9 years ago And legality. I'm not sure why people seem to entirely discount that portion. There's more reward by selling on the black market, but there's also more risk associated with that. load replies (3) schoen|9 years ago > Only reason to participate in them is charity.Maybe believing that it's good when fewer vulnerabilities exist and when attackers are less able to exploit things? Does that count as charity? load replies (1) dtemp|9 years ago Getting a CVE on your resume isn't bad either.
kbenson|9 years ago And legality. I'm not sure why people seem to entirely discount that portion. There's more reward by selling on the black market, but there's also more risk associated with that. load replies (3)
schoen|9 years ago > Only reason to participate in them is charity.Maybe believing that it's good when fewer vulnerabilities exist and when attackers are less able to exploit things? Does that count as charity? load replies (1)
wcummings|9 years ago
kbenson|9 years ago
schoen|9 years ago
Maybe believing that it's good when fewer vulnerabilities exist and when attackers are less able to exploit things? Does that count as charity?
dtemp|9 years ago
unknown|9 years ago
[deleted]