Opened 14 months ago

Closed 7 months ago

#30601 closed enhancement (fixed)

Please add link to HackerOne bug bounty portal to contacts for security issues

Reported by: gk Owned by: hiro
Priority: Medium Milestone:
Component: Webpages/Website Version:
Severity: Normal Keywords: doschackathon
Cc: traumschule, trac-dip-importer Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We have a bug bounty program for Tor and Tor Browser at HackerOne. We should add a link to it when talking about reporting security bugs on https://www.torproject.org/contact/.

Child Tickets

Change History (4)

comment:1 Changed 14 months ago by cypherpunks

at HackerOne

So you trust HO to receive info about vulnrs before you have received them. A damn smart idea. Though do bug bounty through Vupen, Zerodium and Hacking Team may be even better idea.

comment:2 Changed 10 months ago by ggus

Keywords: doschackathon added

Hi GeKo, is this the right link to include? https://hackerone.com/torproject

comment:3 in reply to:  2 Changed 10 months ago by gk

Replying to ggus:

Hi GeKo, is this the right link to include? https://hackerone.com/torproject

Yes.

comment:4 Changed 7 months ago by ggus

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.