Hacker News new | ask | show | jobs
by underdeserver 1829 days ago
Yep, you should really give up significant income from companies that do responsible vulnerability disclosure in the name of a random HN's commenter's values.
1 comments
sneak 1829 days ago
At no point did I say you should give up income.
link
underdeserver 1829 days ago
"Always just publish your research."

In most bug bounty programs I've seen (including Apple's and Facebook's) payouts are contingent on not publishing the research without consent.

link