73 sats \ 2 replies \ @k00b 16 Apr \ on: All that is wrong with bug bounty in a single image security
It's complicated on their end too. How would they know if you were reporting the same vulnerability from several sockpuppets?
Even though hashing language is very imprecise as I can form the same idea many ways I think hashing your vulnerability and then seeing if that hash has already been reported is an interesting thought experiment
reply