|
|
|
|
|
|
by coolbreeze762
4691 days ago
|
|
|
What you've just done is create a disincentive for "researchers" to report vulnerabilities to you. The next time Kahlil or someone else finds a vulnerability (and there will be a next time), he/she/they will simply use it and/or sell it. Kahlil did the right thing, at the end of the day, and only broke Facebook protocol in order to get your attention because you ignored his first (legal) notification of said bug. If you don't pay him, you'll have a hard time with credibility in future cases. In addition to all of that, it's the right thing to do. You stay classy Facebook. |
|
|