top | item 44225149

(no title)

PeeMcGee | 8 months ago

Wow, if I needed any more proof Google is a ghost ship then this is it. The $5K bounty is an insult, and the fact that they low-balled it in the first place makes them look like absolute clowns. Good on you for calling out how little of a shit Google gives about actually protecting user data.

discuss

jcims|8 months ago

Nobody is forced to participate in a bug bounty. If you don't like the rewards, don't do it. There's a limit to the financial viability of these programs.

sjg1729|8 months ago

If the bug bounty program doesn’t pay out much, there will be plenty of less reputable actors happy to pay more

dns_snek|8 months ago

Who's talking about participation? We can be appalled by their business practices as their customers (actual or potential). These are the same companies that tell us that our privacy and security is their #1 concern, and use that justification to take away our rights "for our own good", but when there's a real threat they address it with with a business-casual equivalent of "fuck off".

raxxorraxor|8 months ago

This is why there need to be strong fines associated with such security issues. That would provide financial viability enough.

Even if the issue wasn't abused, it looks like data already leaked.

unknown|8 months ago

[deleted]