Quote:
Originally Posted by rowan
Vuln bounties should have some sort of public signature or hash ledger, so that when someone finds one, the finder can prove the time of submission, without releasing the actual details. That way the company cannot weasel out of it by saying that someone else found it first.
Would probably be even better if the proof was stored on a public blockchain, like Bitcoin, so that the company couldn't manipulate it.
There's a startup idea for you. 
The closest thing I know of is https://hackerone.com/ and https://www.openbugbounty.org/. At Open Bug Bounty you can put the details on hold for any site you find a redirect or XSS issue with. I put an issue on hold for a month usually. Only a small site paid me. Big sites never answer.
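The hash-ledger idea from rowan's quoted post is a plain commit-and-reveal scheme, shown here as an added example (not code from either poster or from any bounty platform). The report text, the nonce and the in-memory `PublicLedger` class are all constructed stand-ins; a real deployment would publish the digest to a timestamped public ledger and the timestamp would come from that ledger, not from the submitter.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone
from typing import Optional


def make_commitment(report: bytes, nonce: Optional[bytes] = None) -> tuple[str, bytes]:
    """Commit to a report without revealing it.

    A fresh 32-byte nonce is mixed into the hash so that a short or predictable
    report cannot be recovered by hashing guessed candidate texts.  The finder
    keeps the nonce and the report private and publishes only the digest.
    """
    if nonce is None:
        nonce = os.urandom(32)
    digest = hashlib.sha256(nonce + report).hexdigest()
    return digest, nonce


def verify_commitment(report: bytes, nonce: bytes, commitment: str) -> bool:
    """Open the commitment: recompute the digest and compare in constant time."""
    expected = hashlib.sha256(nonce + report).hexdigest()
    return hmac.compare_digest(expected, commitment)


class PublicLedger:
    """Append-only stand-in (constructed for this example) for a public ledger.

    Entries are only ever appended and every entry carries the time the ledger
    recorded it, so neither the finder nor the vendor can later backdate one.
    """

    def __init__(self) -> None:
        self._entries: list[tuple[str, datetime]] = []

    def publish(self, commitment: str, when: Optional[datetime] = None) -> int:
        when = when or datetime.now(timezone.utc)
        self._entries.append((commitment, when))
        return len(self._entries) - 1          # position in the ledger

    def published_at(self, commitment: str) -> Optional[datetime]:
        return next((t for c, t in self._entries if c == commitment), None)


def proves_priority(ledger: PublicLedger, report: bytes, nonce: bytes,
                    commitment: str, rival_claim: datetime) -> bool:
    """True only if the commitment opens to this report AND was on the ledger
    before the rival's claimed discovery time.  A digest that does not open to
    the revealed report proves nothing, whatever its timestamp."""
    recorded = ledger.published_at(commitment)
    if recorded is None or not verify_commitment(report, nonce, commitment):
        return False
    return recorded < rival_claim
```

Note that the ledger only proves the finder knew the report text at publication time; whether that text is a valid, in-scope finding is still settled when it is finally revealed.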