Wyze bug bounty program

In light of the recent data leak, Wyze should start a bug bounty program with hackerone or bugcrowd, so that security researchers can find and report security vulnerabilities before the bad guys find and exploit them. It would also help prevent having articles published before a fix can be made. Wzye wouldn’t even have to offer a reward, as some people do it just for fun, but it would be much more enticing to look for issues if they did.

If any security researchers or hackers find a vulnerability, they would want to report it to get paid, whereas now they might disclose or exploit it before it’s fixed.

I second this. :slight_smile: I already privately suggested it, actually. http://hackerone.com is a good service that facilitates it.

2 Likes

I third this! (Is that a thing?) But for the record as a beta tester I have always found them very responsive to bug reporting.

1 Like

Bug bounty programs are a little different. For one thing, they generally only apply to production apps, not beta. But it’s generally less about things that don’t work smoothly, and more about security issues. There are a lot of talented white-hat hackers who make a living basically trying to break through different companies’ security. When they find an issue, it gets reported directly to the company so that they can address it before it becomes a problem.

4 Likes

Oh I know, did not mean to mix the two up. I think a bug bounty, if well managed, would be great. That’s why I voted for it.

2 Likes

Yeah. If it’s an official program, especially one managed through a third-party service that already has a lot of freelance white-hat hackers, they’d basically attract more “talent,” as opposed to just the people like us, who like to tinker around with beta. (Not that we’re not talented, of course. Haha.)

1 Like

I applied to patent myself as a “unique” talent but the patent office had the nerve to deny my patent application. The cheek of those folks!

2 Likes

Glad to see this is in researching!

2 Likes

Landscape mode not working. Oh… wait, that’s a feature.