Welcome to WebmasterWorld Guest from 23.22.46.195

Forum Moderators: incrediBILL & lawman

Yahoo Reviews Its Bug Report Policy: T-Shirts Weren't Enough!

   
5:59 pm on Oct 3, 2013 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Finding and reporting a serious bug at Yahoo has now gotten a whole lot more worthwhile.

Following the aftermath of a security firm revealing its reward -- $12.50 t-shirts -- for finding severe vulnerabilities in Yahoo services, the tech giant has begun a review of its Bug Bounty policies.Yahoo Reviews Its Bug Report Policy: T-Shirts Weren't Enough! [zdnet.com]


Amongst the new policy items, the reward is now more substantial ...
Reward: Perhaps the most important part -- the t-shirts are history, and will be replaced with rewards between $150 - $15,000 for vulnerabilities classified as "new, unique and/or high risk."
The new policy will be released by the end of October 2013. In the meantime, to appease disgruntled t-shirt holders, the firm will implement the new policy retroactively back to July 1, 2013
10:34 pm on Oct 3, 2013 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Dang it! The only bugs I've found recently are in my kitchen! (All squashed, of course!)

I never did get their thought process behind the t-shirts... though I might have left the "r" out in conversation with other brothers of the web. :)

Doing things on the cheap, or thinking folks will be happy with a t-shirt for discovering and reporting (instead of taking advantage of) serious security, has been an amazement.
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month