PayPal Starts Bug Bounty Program
Trailrunner7 writes "PayPal is the latest company to join the ranks of software vendors and Web properties that offer bounties to security researchers who privately disclose new bugs to them. The company isn't saying how much it will pay for each bug, just that its security team will determine the severity of each flaw as well as the ultimate payout. PayPal's decision to offer financial incentives to researchers follows the establishment of similar programs by companies including Google, Mozilla, Facebook, Barracuda and others. Google's bug bounty program may be the most well-known and comprehensive, as it includes bugs not just in its software products such as Chrome, but also its Web properties. The company has paid out more than $400,000 in rewards to researchers since the program began and researchers who consistently find bugs in Google's products can make a nice side income off the program."
Oh my gods.. I can't breathe!
What the hell is this? Since when has PayPal been concerned about quality of service to ANYONE?
Every problem I have ever reported has resulted in a metaphorical slap in the face, tons of paperwork, or both. Everyone is guilty until proven innocent but the scammers, who can easily sidestep anything they do, and only the honest get punished. Why would this be different with bugs?
All software has bugs, it's inevitable. The variables are simply how frequent and how severe these bugs are, based on who programmed the code and how well the QA did their job.
1) "software" isn't static, so newer bugs can be introduced
2) even properly written and managed software depends on libraries, compilers, systems, all of which can have bugs