|
|
|
|
|
|
by rvz
383 days ago
|
|
|
> For example, Google awarded $10,000 to a bug report which showed that extensions could read local files by screenshotting them. But there are more dangerous things than file reads. I think this researcher got scammed without knowing it. Google paid $10k for this bug despite billions of users using Chrome and there are plenty of brokers that will pay much more than that. (e.g. Zerodium) They should have sold it as a 0day on the black market for more that $250k. |
|
|