Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Reviewing Qualifying Age For Vulnerability Rewards

Posted by Unknown on from the break-it-before-you-can-use-it dept.

itwbennett writes "In follow-up to 17-year old Robert Kugler's claim that PayPal denied him a bug bounty because he was under 18, the company now says that it is 'investigating whether it can lower the qualifying age for vulnerability rewards for those who responsibly report security problems.' The company also said that the vulnerability had already been reported by another researcher — although they didn't mention that in the email to Kugler telling him he wouldn't be receiving payment."

5 of 95 comments (clear)

  1. Why restrict it at all? by HalAtWork · · Score: 3, Insightful

    It's a voluntary process, why would they need to restrict it? It's not like it's forced child labor. If anything, it's a learning experience.

    --
    Twinstiq, game news
    1. Re:Why restrict it at all? by idontgno · · Score: 5, Insightful

      If anything, it's a learning experience.

      Indeed. A valuable lesson for any impressionable youth to learn: Paypal will work very hard to screw you out of anything it can. Unless the PR blowback gets bad enough.

      (Paypal can apparently tolerate a certain low buzz of "Paypal sucks". They have considerably more trouble with Streisand-amplified flack.)

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    2. Re:Why restrict it at all? by TheCarp · · Score: 3, Insightful

      There is only one reason to restrict it...legal CYA. Remember everywhere in the world makes their own laws and many of them have restrictions on what one can do with young people, which includes paying them.

      Does paying a minor, even for such a voluntary action, require parental approval? If a 15 year old submits a bug, gets paid, and uses the money to buy drugs, could the parent sue, claiming they were irresponsible to give so much money to a teenager directly?

      Remember, lawmakers are lazy, they like to be overly broad or not think things through, I could totally see legislative attempts at curbing anything from drug use to underage prostitution hamfistedly creating problems here. Law is often not limited by its own intentions.

      In the end, I bet the answer has three letters: CYA:

      "What are the implications of allowing people under 18 to submit bugs?"
      "It depends on......."
      "Ok sorry I asked; no submissions from people under 18."

      --
      "I opened my eyes, and everything went dark again"
  2. Can't 'Legally' Pay a 17-Year-Old? by CanHasDIY · · Score: 4, Insightful

    Pure, unfiltered bullshit.

    Evidence: 16-year-olds who work at McDonald's.

    C'mon, PayPal; Fuckin' a kid around is bad enough, but then having the balls to lie to his face about why? That's uber-dickish.

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  3. Re:Award scholarships for under-aged people by davmoo · · Score: 1, Insightful

    Mozilla is not a publicly traded corporation and all profits are plowed back in to Mozilla.

    PayPal's parent eBay, on the other hand, is a publicly traded corporation who's goal is to make a profit for stock holders. Thus laws for it are very different.

    Comparing a Mozilla bug payment to a PayPal bug payment is a very apples to oranges comparison.

    And you need to learn how to debate an issue without attacking others by calling them "dumbass".

    --
    I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.