An Australian penetration tester named Shubham Shah has become the latest to complain about bug bounty programs that offer pathetic – or no – rewards. The bounty program in question was run by Prezi, a slideware-as-a-service outfit. The terms of the program state that only certain “ … domains (and every service accessible on …
I hope he debugged it before returning it
You can bet *that* was an MBA a**ehole made that decision
Sysadmin: He found a flaw in our security and accessed the crown jewels of the company
MBAA: So what, it wasn't listed in the rules and we don't have to pay him.
Sysadmin: He could have sold the code to a competitor, inserted trapdoors or actual malware in it.
MBAA: But he didn't (thinks: Because he's weak and trusting. I would have shown no such "mercy.")
Sysadmin: You are kind of an a**ehole aren't you.
MBA has a chat with lobbyist to make pen testing illegal even when invited to do so.
Is that a bug?
Seems more akin to finding a key under your doormat and trying it in the door.
Surely a bug is when things don't operate as intended, rather than simply being operated poorly.