Welcome to WebmasterWorld Guest from 54.167.209.198

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

Yahoo Reviews Its Bug Report Policy: T-Shirts Weren't Enough!

     
5:59 pm on Oct 3, 2013 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:23040
votes: 330


Finding and reporting a serious bug at Yahoo has now gotten a whole lot more worthwhile.

Following the aftermath of a security firm revealing its reward -- $12.50 t-shirts -- for finding severe vulnerabilities in Yahoo services, the tech giant has begun a review of its Bug Bounty policies.Yahoo Reviews Its Bug Report Policy: T-Shirts Weren't Enough! [zdnet.com]


Amongst the new policy items, the reward is now more substantial ...
Reward: Perhaps the most important part -- the t-shirts are history, and will be replaced with rewards between $150 - $15,000 for vulnerabilities classified as "new, unique and/or high risk."
The new policy will be released by the end of October 2013. In the meantime, to appease disgruntled t-shirt holders, the firm will implement the new policy retroactively back to July 1, 2013
10:34 pm on Oct 3, 2013 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:6896
votes: 377


Dang it! The only bugs I've found recently are in my kitchen! (All squashed, of course!)

I never did get their thought process behind the t-shirts... though I might have left the "r" out in conversation with other brothers of the web. :)

Doing things on the cheap, or thinking folks will be happy with a t-shirt for discovering and reporting (instead of taking advantage of) serious security, has been an amazement.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members