Comment by flukus 8 years ago > I might go to jailIs selling exploits illegal? If so is selling them to google also illegal? 3 comments flukus Reply SteveNuts 8 years ago You're not so much selling them to google, you're disclosing them.It's more of a contractual agreement between you and Google, or whatever company you're reporting the vulnerability to.As long as you follow the rules for their bug bounty, you'll be fine. jstanley 8 years ago Telling Google about exploits in Google services in exchange for money is not illegal.Telling them about exploits in other services in exchange for money might be, depending on context.Your parent was talking about the former case. mabbo 8 years ago > Is selling exploits illegal?Maybe. If the FBI decides to build a case against you for it, I'm sure they could find a law to use.> is selling them to google also illegal?I'm disclosing, and Google is granting me a reward. There's... Some difference I'm sure.
SteveNuts 8 years ago You're not so much selling them to google, you're disclosing them.It's more of a contractual agreement between you and Google, or whatever company you're reporting the vulnerability to.As long as you follow the rules for their bug bounty, you'll be fine.
jstanley 8 years ago Telling Google about exploits in Google services in exchange for money is not illegal.Telling them about exploits in other services in exchange for money might be, depending on context.Your parent was talking about the former case.
mabbo 8 years ago > Is selling exploits illegal?Maybe. If the FBI decides to build a case against you for it, I'm sure they could find a law to use.> is selling them to google also illegal?I'm disclosing, and Google is granting me a reward. There's... Some difference I'm sure.
You're not so much selling them to google, you're disclosing them.
It's more of a contractual agreement between you and Google, or whatever company you're reporting the vulnerability to.
As long as you follow the rules for their bug bounty, you'll be fine.
Telling Google about exploits in Google services in exchange for money is not illegal.
Telling them about exploits in other services in exchange for money might be, depending on context.
Your parent was talking about the former case.
> Is selling exploits illegal?
Maybe. If the FBI decides to build a case against you for it, I'm sure they could find a law to use.
> is selling them to google also illegal?
I'm disclosing, and Google is granting me a reward. There's... Some difference I'm sure.