Hacker Newsnew | comments | show | ask | jobs | submit login

He didn't put the bugs there, he only discovered information that already existed. He can't be blamed for hurting anyone.

It's easier to work for free like this if it is an open source group or a non-profit. It's a bit harder when it's a $100 billion company. If they don't compensate security researchers, let them find their own bugs.

Applications are open for YC Winter 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact