

Yahoo Bug Bounty Program is Now Live - michiel3
http://yahoodevelopers.tumblr.com/post/65622522325/the-bug-bounty-program-is-now-live

======
ck2
A big yahoo bug is you cannot register an account without giving them a mobile
phone number.

I don't own a mobile phone with a phone number.

Very strange way to register people.

~~~
fourstar
Please email marissamayer@tumblr.com to claim your $15,000.

------
tuananh
Not long ago, there was a submission about a bug reporter didn't get any kind
of reward (except a coupon) for reporting a bug for Yahoo!

Kudos to Yahoo! for listening to community's feedback.

~~~
michiel3
Relevant blog post by Yahoo! from earlier this month:

[http://yahoodevelopers.tumblr.com/post/62953984019/so-im-
the...](http://yahoodevelopers.tumblr.com/post/62953984019/so-im-the-guy-who-
sent-the-t-shirt-out-as-a-thank-you)

------
alanbyrne
Shame that Microsoft still have such a terrible bug bounty programme.

[http://www.microsoft.com/security/msrc/report/bountyprograms...](http://www.microsoft.com/security/msrc/report/bountyprograms.aspx)

------
jfren
"we promised to that our program will would address the following areas:"?!

------
smoyer
But I wanted the tee-shirt! (we're never happy)

~~~
chriskelley
The rewards bullet point says you can still get a shirt if you want. Hope is
not lost!

------
devx
Someone you should tell them about the mother of all security bugs: NSA has
full access to their datacenters.

They might want to fix that one first, before caring about the tiny little
ones. It doesn't look like they are in a hurry to fix that one yet, though:

[http://www.washingtonpost.com/blogs/the-
switch/wp/2013/10/30...](http://www.washingtonpost.com/blogs/the-
switch/wp/2013/10/30/even-after-nsa-revelations-yahoo-wont-say-if-it-plans-to-
encrypt-data-center-traffic/)

