Eh I dunno. Google does this with its Vulnerability Reward Program [1] and peopl... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cosgroveb on June 15, 2011 \| parent \| context \| favorite \| on: How Hackers Stole 200,000 Citi Accounts Just By Ch... Eh I dunno. Google does this with its Vulnerability Reward Program [1] and people seem to be fine with sharing almost all of their private data with Google from all their e-mails to their credit card numbers (Google checkout), etc., etc. Also Facebook has a form for reporting vulns [2] and people are still happy to share their personal info there. I'm sure there are other companies that have "hotlines" but these are just a few I can think of. I don't think having an avenue for responsible security bug disclosure gives anyone the impression that their data is unsafe. [1] http://googleonlinesecurity.blogspot.com/2010/11/rewarding-w... [2] https://www.facebook.com/help/contact.php?show_form=white_ha...

daeken on June 15, 2011 | [–]

Mozilla and CCBill as well: http://www.mozilla.org/security/bug-bounty.html http://www.ccbill.com/developers/security/vulnerability-rewa...

nitrogen on June 16, 2011 | [–]

Aren't you acknowledging violation of the Facebook TOS by submitting that form?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact