Comment by Cthulhu_
1 year ago
> Paying for a team or outside pentesters to attempt to find this would be _way_ more expensive.
But doesn't Google have teams of internal pentesters already? You could hire dozens of external companies and they might not find it.
This system is a "no cure, no pay" approach. I do think they should have paid the reporter a lot more though.
No comments yet
Contribute on Hacker News ↗