

Paypal encourages selling bugs privately rather than responsible disclosure - babawere
http://seclists.org/fulldisclosure/2013/May/181

======
csense
Good grief. Do the right thing, and pay the kid's parents if your legal
department balks at cutting him a check directly.

But Paypal is such an awful company to its customers, what are the odds
they'll do the right thing w.r.t. independent security researchers?

I hope this kid sues their pants off and gets attorney fees and triple damages
if they balk at demanding payment. Any HN readers know any lawyers willing to
take a case contingency or pro bono?

Or alternatively he could just sue in small claims court.

~~~
babawere
Good Thinking .. the parents should have been paid not redirect him to a
security terms ...

How many people even read that this days

