back to article Student crashes Cloudflare beta party, redirects email, bags a bug bounty

A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email. Student Albert Pedersen reported the critical vulnerability to Cloudflare via the company's bug bounty program, and was …

  1. Pascal Monett Silver badge
    Thumb Up

    Good for him

    It's good to know that intelligent people are not always working for the bad guys.

    I wish him the best of luck in finding, and reporting, even more bugs.

    1. An_Old_Dog Silver badge
      Thumb Up

      Re: Good for him ... and good on CloudFlare

      ... for paying the bounty as promised, and for fixing the bug.

      Some companies cheat on their bounty offers and/or cover up issues instead of fixing them.

      1. logicalextreme Silver badge

        Re: Good for him ... and good on CloudFlare

        Or even lawyer up against the bug discoverers.

    2. Doctor Syntax Silver badge

      Re: Good for him

      He's not skiving.

  2. CommonBloke

    Pretty low reward

    I do think he deserved a good 15k instead of a paltry 3k, for pretty much catching a very dangerous spying loophole and phishing treasure trove

  3. breakfast Silver badge

    Preparing for a postgrad course with the University Of Life

    Although I was educated entirely in the UK, I still consider myself an alumnus of skive college.

  4. Dr Paul Taylor

    third party mail handling

    Sounds like yet another reason why you should never allow tech giants to mangle your email.

  5. Claptrap314 Silver badge

    "And a job offer"

    Seriously, why doesn't someone like this get an on-the-spot job offer? This kid has already demonstrated more subject mastery than 70% of professional programmers.

    <sigh> We'll probably lose him to a stock trading company.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like