Bitcoin Forum
March 28, 2024, 09:56:52 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [BOUNTY] PikaPay Special Announcements  (Read 1229 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
pikapay (OP)
Full Member
***
Offline Offline

Activity: 164
Merit: 101


@PikaPay - Easy as a Tweet!


View Profile WWW
September 08, 2013, 11:08:03 AM
 #1


PikaPay's vulnerability bounty program continues.

Many of the valuable contributions you've sent in are inspiring and keep us moving forward!

We believe security is one of the keys to bringing the benefits of Bitcoin to everyone.  To that end we hereby gratefully acknowledge the issues reported and
resolved since we made our last acknowledgements on 14 July.

* URL validation error involving OAuth Redirect
Reported by Charlie Briggs

* Session expiration error on logout
Reported by Satish Bommisetty

* Clever social engineering exploit via parameter variable manipulation
Reported by Ben Holden-Crowther

* Force logout exploit
Reported by Nitesh Shilpkar

* Cookie was found that required secure + HTTP only flags
Reported by Shubham Raj

Each of the issues listed here qualified for a bounty to the individual who first reported them. Each issue has been carefully investigated and resolved.
We are very grateful to the security researchers who spotted them.

We see security as a project that requires continuous improvement above  almost every other priority, and we appreciate the ongoing attention
received from the security community.

PikaPay thanks everyone who contributed so far.  We launched this program on March 18 (one of the first Bitcoin services to do this).  We intend to keep this program running and to disclose the results to make the community safer.

Whether you have or haven't qualified for a bounty so far, your work is appreciated.  We encourage you to keep looking and testing PikaPay.

PikaPay




Security@pikapay.com is the address of PikaPay's security team.

The bounty program rules are here: bit.ly/14J1YZz




Even if you're not interested in the bounty, please come check out PikaPay.com.

We have a full and open API with documentation at Github.com/PikaPay.

We welcome suggestions and critique.  We still have a lot of improvement coming.

We're hard at work to make this service into something unique, and any suggestions, questions and critique are very important to us.  Write to us: hello@PikaPay.com


BitcoinWednesday.com - The monthly conference on the digital currency revolution in The Netherlands.

Every 1st Wednesday of the month in Amsterdam: Meetup.com/BitcoinWednesday

---------------------


- The Easiest Way to Send Bitcoin to Anyone on Twitter
The future of cash has no borders.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!