Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Bug Bounty

  • 08-06-2020 4:09pm
    #1
    Moderators, Education Moderators Posts: 2,610 Mod ✭✭✭✭


    Hey ,

    Anyone here have experience of bug bountys ? I'm in the middle of submitting my first one(s) and getting a bit lost.

    Whats to stop a company taking your report, patching the flaw and then saying "we cant reproduce the issue"

    I know the issue existed because I created a video recreating the issue.

    Just wondering whats the normal procedure here, as I say, I'm new at this.


Comments

  • Closed Accounts Posts: 3,445 ✭✭✭Rodney Bathgate


    With social media and ability to screenshot or record I doubt any company would be stupid enough to try that.

    I’d be more worried that someone has steady submitted the issue and yours will be closed as a duplicate.


  • Moderators, Education Moderators Posts: 2,610 Mod ✭✭✭✭horgan_p


    With social media and ability to screenshot or record I doubt any company would be stupid enough to try that.

    I’d be more worried that someone has steady submitted the issue and yours will be closed as a duplicate.

    Do you have experience in this field ?
    If so I've a few more questions


  • Closed Accounts Posts: 3,445 ✭✭✭Rodney Bathgate


    No, but I work for a software company with open source and non-open source products. We have public JIRA projects and private ones. The lead time from an issue being identified / first reported to a fix being rolled out can be weeks or even months depending on resolution complexity and test cases, so there is a possibility they already are aware of the issue and working on a fix. Rushing out a fix can cause more problems than the original issue.


  • Moderators, Education Moderators Posts: 2,610 Mod ✭✭✭✭horgan_p


    With social media and ability to screenshot or record I doubt any company would be stupid enough to try that.

    I’d be more worried that someone has steady submitted the issue and yours will be closed as a duplicate.

    Do you have experience in this field ?
    If so I have a few more questions


Advertisement