by derengel 4520 days ago
Am I the only one who thinks that $4000 was very cheap on the part of GitHub? A security hole like this in the wrong hands would have brought severe consequences to GitHub, consequences so big that they would probably pay $1,000,000 USD for it to never happen. So maybe something in the $50-100K range would sound more reasonable. Egor is a great hacker with no business sense? On the other hand, the publicity his service gets for this is probably worth more than $50-100K.
2 comments

No, you're not alone, considering this was a combination of security holes that allowed people to get read/write access to others' repos, including private ones.
I'm really glad GitHub paid him, but reading what the exploit can do, I really think he deserves more. Sure, they were a series of small exploits, but all together... they are pretty damaging in the wrong hands.