How my personal Bug Bounty Program turned into a Free Security Audit for the Serendipity Blog

Hanno's Blog

Monday, November 12. 2018

Comments

> It got this through the indirection of my personal bug bounty program, but of course this could also work directly.

I think, importantly, that you were doing the hard work of filtering and validating issues for them. This worked out here.

But it creates some perverse incentives... How would it work if you signed up, *paying a bug bounty* for your personal website, and collected 0days for Serendipity from submitters?
#1 Tom on 2018-11-12 19:03

About

This blog is written by Hanno Böck. Unless noted otherwise, its content is licensed as CC0.

The blog uses the free software Serendipity and is hosted at schokokeks.org.
