|
|
|
|
|
|
by jtchang
4576 days ago
|
|
|
I haven't been following this story that closely but I just don't understand why they don't pay him outside the bug bounty. "Sorry this security hole wasn't in our bug bounty but we'd like to give you the reward anyway. Please sign these legal documents and let us know if you find anything else." There is so much you can do by just being reasonable. Like if Prezi said they can't officially acknowledge it under the bug program but can just pay out some sort of reward it makes way more sense. Besides. If the bug was in the code under a subdomain that someone exposed source code it would be the same thing. |
|
|