Hacker News new | past | comments | ask | show | jobs | submit login

> Offered and declined a financial bounty for the report due to policy on not being able to publicly disclose even after the vulnerability was patched.

They seem to pay bug bounties if you agree to keep it down.

that's not a bug bounty, that's reputation management

That’s a polite way of calling it what it really is — “hush money”.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact