daniel:// stenberg://Switching away from Hackerone is not a guarantee... Here we go.
Rev. Johnny Healey@bagder Have you considered a reverse bug bounty where users pay to submit reports? It could be a good funding model.
katlyn@rev_null @bagder that's something that was mentioned in this blog post, and it mentions a few reasons why that approach wasn't chosen right now.
The end of the curl bug-bounty
tldr: an attempt to reduce the terror reporting. There is no longer a curl bug-bounty program. It officially stops on January 31, 2026. After having had a few half-baked previous takes, in April 2019 we kicked off the first real curl bug-bounty with the help of Hackerone, and while it stumbled a bit at first … Continue reading The end of the curl bug-bounty →