[ayrx]

Completely untrue about the people at Slack. I disclosed a pretty trivial vulnerability to them and got a $100 reward.

How about next time you stop generalising?

[crazypyro]

Well considering other people posted a tweet about someone trying to report it as a vuln on August 13th and getting told it's a feature, I'd say he's not exactly generalizing in this specific instance.

[tomp]

I'm not generalizing, and I don't really care about Slack. I'm just putting forward a hypothesis about what might be going on in a security researcher's brain when they stumble upon a vulnerability.

[tomjen3]

Pretty sure the going rate for a pen-tester is much, much higher than 100 usd an hour - and they would get paid even if they didn't find anything.