Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not really all that troubling, all the author is saying is that he wants to get paid for their work.

Either Microsoft or other future vendors can actually honor an established bug bounty program, or the author can sell his findings to the highest bidder. Or the author can simply not spend time and energy finding bugs in the first place.



Don't miss the middle statement; the author thinks there are further attacks here, even with the fix. Others can also find and then choose to report/sell at their own discretion.


Highest bidder is unethical and illegal.

But does not change the monetary reality


Pass a law that requires companies to pay black market value for bug bounties. It’s also unethical for big corporations to exploit the US oligarchy to get these fixes for free.


There’s no exploitation going on.


How is it illegal?




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: