White hat security has got to be one of the most important but thankless fields in computer science today.
At best, there are bug bounties that may or may not be worth it depending on the severity of what you find and how many hours you poured into it.
Frequently, you get shit like this where the threat of imprisonment is very real (not that I think anything will come of this because it would be a PR nightmare, but the threat still looms).
And of course, at worst, we all can read about what happened to weev (admittedly exacerbated by him being a complete tool).
My problem is this line: "As a professional penetration tester, Homakov knows better than most people that hackers should never access someone else's computer network or account without explicit permission."
He did neither of these. He used forms that Starbucks had in place (which they expect customers to use).
> But Homakov seems to act as if he had some special ethical and legal right to make the fraudulent purchase, even though Starbucks had never asked for his security services.
I don't get why Ars is harsh against him. $1.70 in the grand scheme of things is nothing. Even if he was using it for 10x more without paying it back, it's still nothing.
From my own experience, actually making the purchase is likely to be perceived negatively. He had already successfully demonstrated the race condition allowing the transfer, so he had enough to clearly make his point. That stated, were I in Starbucks' position I'd lead with a big "thank you" before explaining the liabilities and why he shouldn't go so far to make his point in the future.
Also, in the interest of full disclosure, I should state that my team has interacted with Homakov on a number of Chrome vulnerability reports. In my experience he's very sharp, he finds interesting bugs, and my impression is that he's generally trying to do the right thing. However, I can definitely see how his communication style might not come across very well, particularly to a security team that's not used to dealing with the security research community.