Wholeheartedly agreed. Not to mention that it's extremely rude to demand
fame/money like that. These are not security researchers, they're skids.
(Please disregard the previous email, pressed the wrong reply button and
realized it too late..)
On 6/5/20 11:53 AM, Ondřej Surý wrote:
The localhost.<foo> is not scam, but the
„I found this on HackerOne and I now want money“ is scam.
Remove the localhost entry from the zone, but you should not pay money
for issues that can be produced by automated scanners.
HackerOne is doing everyone disfavor by paying nonsensical amounts of
money[*] for small issues like this. They (and other wealthy companies)
should be paying money only for original security research and not this
nonsense.
* $100 is a helluva money in some economies...
Ondrej
--
Ondřej Surý
ond...@isc.org
--
Met vriendelijke groet / Best regards,
Michael De Roover
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
