|
|
|
|
|
|
by guidovranken
1890 days ago
|
|
|
There's a place for being patient and lenient, but HackerOne consistently seems to not shut down malfunctioning programs that never pay rewards and flat out stop talking to you, yet continue to collect bugs. Such a relationship is commonly called fraud so I suggest reporting HackerOne to the Federal Trade Commission as I have. The premise of bug bounties is that the reward amount is at the discretion of the program host and that the time incurred by developing a fix will influence the moment of payout, but refusing to pay and even communicate (for years!) for clearly eligible submissions is well beyond a reasonable interpretation of the conditions, and to consistently keep facilitating this abuse is simply fraudulent. |
|
|