Yahoo pays out a whopping $12.50 bounty
Posted by: Timothy Weaver on 10/01/2013 11:23 AM
[
Comments
]
Researchers found a bug that “allowed any @yahoo.com email account to be compromised simply by sending a specially crafted link to a logged-in Yahoo! user and making him/her clicking on it.” What did Yahoo think about the find? The bounty was just $US12.50 and came in the form of a voucher that could only be spent in the Yahoo! company store.
Another three flaws were sent in and finally Yahoo bit and sent the voucher for $12.50. High-Tech Bridge's CEO Ilia Kolochenko has reacted badly to that offer, declaring it “a bad joke”.
“If Yahoo! cannot afford to spend money on its corporate security, it should at least try to attract security researchers by other means. Otherwise, none of Yahoo!’s customers can ever feel safe,” he writes.
Another three flaws were sent in and finally Yahoo bit and sent the voucher for $12.50. High-Tech Bridge's CEO Ilia Kolochenko has reacted badly to that offer, declaring it “a bad joke”.
“If Yahoo! cannot afford to spend money on its corporate security, it should at least try to attract security researchers by other means. Otherwise, none of Yahoo!’s customers can ever feel safe,” he writes.
Comments
