Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000 by Swati Khandelwal.
From the post:
…
The world’s most popular pornography site PornHub has launched a bug bounty program for security researchers and bug hunters who can find and report security vulnerabilities in its website.Partnered with HackerOne, PornHub is offering to pay independent security researchers and bug hunters between $50 and $25,000, depending upon the impact of vulnerabilities they find. (emphasis in the original)
…
As always, there are some exclusions:
…
Vulnerabilities such as cross-site request forgery (CSRF), information disclosure, cross domain leakage, XSS attacks via Post requests, HTTPS related (such as HSTS), HttpOnly and Secure cookie flags, missing SPF records and session timeout will not be considered for the bounty program.
…
I take “information disclosure” to mean that if your hack involves NSA credentials it doesn’t count. Well, you can’t make it too easy.
The program is in beta so see Swati’s post for further details.
This PornHub program benefits people asked awkward questions about their browsing history.
Yes, you were looking at PornHub or related sites. You were doing “security research.”
Being in HR or accounting may make that claim less credible. 😉