Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Reviewing Qualifying Age For Vulnerability Rewards

Posted by Unknown on from the break-it-before-you-can-use-it dept.

itwbennett writes "In follow-up to 17-year old Robert Kugler's claim that PayPal denied him a bug bounty because he was under 18, the company now says that it is 'investigating whether it can lower the qualifying age for vulnerability rewards for those who responsibly report security problems.' The company also said that the vulnerability had already been reported by another researcher — although they didn't mention that in the email to Kugler telling him he wouldn't be receiving payment."

2 of 95 comments (clear)

  1. Re:Why restrict it at all? by idontgno · · Score: 5, Insightful

    If anything, it's a learning experience.

    Indeed. A valuable lesson for any impressionable youth to learn: Paypal will work very hard to screw you out of anything it can. Unless the PR blowback gets bad enough.

    (Paypal can apparently tolerate a certain low buzz of "Paypal sucks". They have considerably more trouble with Streisand-amplified flack.)

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  2. Re:Award scholarships for under-aged people by Synerg1y · · Score: 5, Informative

    OP is a dumbass, there aren't any legal complications here, just policy:

    Kugler has a record for finding security problems. He's received two payments for US$4,500 from Mozilla for finding two problems in its Firefox browser and also was listed as a noted security researcher by Microsoft last month.

    Mozilla had no problem paying him.