
Step one: Work at a company with a bug bounty program

Step two: Introduce subtle vulnerabilities

Step three: Claim bug bounty under a pseudonym (or just get someone else to claim it)



That's actually a great spin on the old concept of subversion. I wonder if anyone is doing it. It should be easier for C apps where someone could say they didn't know about a specific kind of undefined behavior.



