press Dec 22, 2016 · The Parallax
What’s in a bug bounty? Not extortion
The Parallax published an analysis of the Uber data breach cover-up and the distinction between legitimate bug bounty payments and extortion. Casey Ellis examines how the circumstances surrounding Uber's handling of the breach illustrate the ethical and legal boundaries in responsible vulnerability disclosure.
Source description — as published
An analysis of the Uber data breach cover-up, exploring the fine line between a legitimate bug bounty payment and an extortion payment.