Comment by mpeg

Comment by mpeg 6 days ago

4 replies

View on Hacker News

First thing I looked for... this is an absolutely critical vulnerability that if exploited would have completely ruined their business. No bounty!?

vntok 6 days ago

Why would they pay anything? The researchers offered them the vuln analysis for free, unprompted.

If anything, they got paid in exposure.

Reply View 3 replies
  • cube00 6 days ago

    Let's hope the grants keep coming in because those researchers will start getting offers from the darker corners of the web if bounties aren't paid.

    Reply View 1 reply
    • vntok 3 days ago

      It's their choice. If the researchers choose to accept and service criminal offers from darker corners of the web, they should be prosecuted as the criminals they have become.

      Reply View 0 replies
  • [removed] 6 days ago
    [deleted]
    Reply View 0 replies