Pen tester scoops source code in bug hunt contest, has to argue for prize

An Australian penetration tester named Shubham Shah has become the latest to complain about bug bounty programs that offer pathetic – or no – rewards. The bounty program in question was run by Prezi, a slideware-as-a-service outfit. The terms of the program state that only certain “ … domains (and every service accessible on …

COMMENTS

This topic is closed for new posts.
Bronze badge

I hope he debugged it before returning it

see above.

2
0
Gold badge
Unhappy

You can bet *that* was an MBA a**ehole made that decision

Sysadmin: He found a flaw in our security and accessed the crown jewels of the company

MBAA: So what, it wasn't listed in the rules and we don't have to pay him.

Sysadmin: He could have sold the code to a competitor, inserted trapdoors or actual malware in it.

MBAA: But he didn't (thinks: Because he's weak and trusting. I would have shown no such "mercy.")

Sysadmin: You are kind of an a**ehole aren't you.

16
0
Silver badge

You forgot...

MBA has a chat with lobbyist to make pen testing illegal even when invited to do so.

3
0
Bronze badge
WTF?

Is that a bug?

Seems more akin to finding a key under your doormat and trying it in the door.

Surely a bug is when things don't operate as intended, rather than simply being operated poorly.

0
0