Is Bug Bounty Really Fair or Are They Using Us?

Hey guys, what do you usually do if you send a bug report to a site and they just ignore it or say dumb stuff like “out of scope” or “not important”? I mean, don’t you think this is kinda unfair and even hurts us? Like, we spend time and effort finding bugs, then they just throw it away for silly reasons. And even if they accept the bug, especially if it’s critical or high severity, isn’t there a big chance they just take it and use it on other sites or systems to make way more money than what they paid us? Feels like they use us to do free work, then make profits on their own. Honestly, I’m not convinced by this bug bounty thing, feels more like they exploit us. But maybe I’m wrong, just wanna hear your opinions.

submitted by /u/SingleBeautiful8666

from hacking: security in practice https://ift.tt/aCzyWr7
