Opened 5 months ago

Last modified 5 weeks ago

#30601 new enhancement

Please add link to HackerOne bug bounty portal to contacts for security issues

Reported by: gk Owned by: hiro
Priority: Medium Milestone:
Component: Webpages/Website Version:
Severity: Normal Keywords: doschackathon
Cc: traumschule, trac-dip-importer Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We have a bug bounty program for Tor and Tor Browser at HackerOne. We should add a link to it when talking about reporting security bugs on https://www.torproject.org/contact/.

Child Tickets

Change History (3)

comment:1 Changed 5 months ago by cypherpunks

at HackerOne

So you trust HO to receive info about vulnrs before you have received them. A damn smart idea. Though do bug bounty through Vupen, Zerodium and Hacking Team may be even better idea.

comment:2 Changed 5 weeks ago by ggus

Keywords: doschackathon added

Hi GeKo, is this the right link to include? https://hackerone.com/torproject

comment:3 in reply to:  2 Changed 5 weeks ago by gk

Replying to ggus:

Hi GeKo, is this the right link to include? https://hackerone.com/torproject

Yes.

Note: See TracTickets for help on using tickets.