Hacker News new | ask | show | jobs
by jacobhansen 4536 days ago
I'm not sure whether Egor Homakov received a reward for reporting this to Mt.Gox which he clearly deserves. However we have contacted to Mt.Gox to understand if they would be launching a vulnerability reward program and the response we got is that they would launch one during Q1 2014. Read more at our blog about it. https://blog.crowdcurity.com/how-to-measure-the-security-of-...
1 comments
homakov 4536 days ago
No rewards
link
jacobhansen 4535 days ago
That's a shame. What is your bitcoin address which we, and the rest of the community, could tip to?
link
homakov 4535 days ago
just homakov@gmail.com on coinbase
link
jacobhansen 4535 days ago
Ok, just transferred $100 to your coinbase account. Since this was transferred directly to your mail within coinbase, the transaction does not get included in the blockchain. Let me know if you didn't received them. Best Jacob, CrowdCurity.
link
homakov 4535 days ago
Wow, Thanks!
link
dobbsbob 4535 days ago
dont know if you are interested but bex.io is hiring for security engineers/auditors, and most of their employees are remote. Since these guys puport to be a cookie-cutter template for running your own bitcoin exchange I'm sure they will need you. https://angel.co/jobs?slug=bex-io
link
shiven 4535 days ago
You have no idea who this fellow is, right !?!

Given his street cred, I doubt he needs any help looking or finding the work he'd like to do and totally do so on his and his terms alone!

link
homakov 4535 days ago
Nobody hires egor in fact. Not wow.
link
nikcub 4535 days ago
I always thought you would get a lot of work via HN people. It surprises me but I don't find it hard to believe. Why it doesn't surprise me is because security and pen testing work is as much about sales, marketing and presentation - perhaps more than skill.

Some of the best security guys I know find it hard to pitch their services, so they end up working low-end generic programming or sysadmin jobs. I've tried to get more and more of them involved in my work (I do contract pen testing while also doing my own sec startup at the moment) by including them in proposals I write up, works out well. I messaged you on twitter.

link
3pt14159 4535 days ago
lol, this guy is a legend around here. If he wanted a job, he'd have it.
link
X4 4535 days ago
that's sad bro, you deserved a really fair gift for that discovery. I mean others (could've) used it. We need more people who report security issues and go public, if nobody listens.
link
becherovka 4535 days ago
Is there a quality bitcoin bounty reward program for vulnerabilities?
link