The Tor Project Is Starting a Bug Bounty Program

Discussion in 'privacy technology' started by ronjor, Dec 31, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Nice!
     
  3. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    no word of this yet on the torproject.org site.
    I'm interested to learn whether it extends to vulnerabilities within TorBrowser, or just their "hidden services stuffs".
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    I hope it results in development going on to handle the "auto/quick update" feature of the TBB. Way too many just click on the quick update from within the bundle. There doesn't seem to be a concern that its not rock solid like updating the linux OS would be. I believe this is a large ding in TBB's armor because given the choice to be lazy most will do so.

    So in keeping with this thread the development would happen after discovery and tweaking of why the auto update feature introduces weakness.
     
  5. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,428
    Nice! I will have to go through the source code again and get some sweet cash!
     
  6. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    Have you previously reported anything?
    FWIW, I have done so twice, more than a year ago... and those bugzilla tickets are still not closed (and are still relevant).
     
Loading...