undefined | Better HN

0 pointsborplk12y ago0 comments

If he's the kind who would sell the exploit next time, Facebook isn't interested in rewarding him anyways.

Bounty programs are not there to create a more appealing market and out-bid the black hat hackers.

0 comments

That's exactly what they're there for. They encourage and reward a white-hat culture.

borplkOP12y ago

Bounty programs do not attempt to compete with black hat markets or outbid black market rates.

The purpose of bounty is to encourage white hat hackers to challenge one specific application instead of millions of other applications out there that the white hat hacker could spend his/her time on.

So it's saying "Hey...instead of working on that random application why don't you try to hack us because hey you could earn some money too".

It's assumed that the person is a white hat hacker who would not sell the bug in black market anyways, even if there was no bounty.

j / k navigate · click thread line to collapse