Finding a Bug - page 6. | Bitcointalksearch.org

ultrloa

legendary

Activity: 2758

Merit: 1228

Quote from: Sling0 on December 31, 2023, 12:55:34 PM

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

If there's a running bug bounty campaign on a casino then contact the representative about bugs you find out and for sure you get rewarded. But if they don't have any and still you find out something that can possibly affect their user then try to reach up their support then tell what you discover then ask about possible rewards about the but you had notice. If they are generous to reward you about things you find out then its good but you also need to know that this will depend on the severity of the bug you found since if they find it not so big then you might not get any rewards.

But still give a shot to discuss this matter to them since for sure they might take a look on the reports you made since for sure they value more the security of their casino.

Wiwo

hero member

Activity: 1022

Merit: 667

Top Crypto Casino

Quote from: electronicash on December 31, 2023, 02:08:16 PM

Quote from: Wiwo on December 31, 2023, 01:52:23 PM

maybe ask first if they pay users who find bugs. asking for the fee before revealing the bug i think will make sense, just make sure the bug is critical and can affect the profit of the casino.

it's hard to do this however because for you to be able to know it's a critical bug you have to exploit it as well. and then if they find out you exploited to gain then you will not be paid. this is a dilemma. Cheesy

Most of the casino already have a fixed amount when they announce a bug bounty and some time it fixed and if the gambler who found the bug is verified not to have exploited the bug before reporting the bug and also, casinos pay well for bug bounty since it helps them to save losing huge from such bug.

So it settled deal and the casino stands to benefit more from this than the gambler himself, The majority of the bbugsa left unnoticed for a while and that has led to the collapse of many casino platforms.

So to avoid such incidents, casinos will pay a good amount to make sure they operate without bugs availabilities.

acroman08

legendary

Activity: 2436

Merit: 1104

Quote from: Sling0 on December 31, 2023, 04:12:53 PM

In my opinion it's a substantial bug but again I'm not qualified or educated enough on it. But if I can exploit it then others would have fun. Very reputable casino with a large reach. I've contacted support and waiting. No bounty page on their site but for sure reputable so I hope they would compensate given the bug.

looking forward to what they have to say when you show them what bug you found, I am also curious about which casino you found this bug on and what issue/exploit the bug is causing(would you mind sharing what casino it is? you don't have to if you don't want to share the name of the casino).

iv4n

legendary

Activity: 3248

Merit: 1179

Quote from: Sling0 on December 31, 2023, 12:55:34 PM

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

Well, it's hard to be ethical here... finding a bug should get you a reward, but not all casinos have a "bug bounty". So before you report some bug try to speak with their support and if they can refer you to some admins. Before revealing your cards try to talk about it, and maybe you can get something in return. Sadly, not all casino owners/managers are fair. So if you share what you know with them before any deals you can stay without any reward.

MainIbem

sr. member

Activity: 1316

Merit: 379

Fully Regulated Crypto Casino

Quote from: Sling0 on December 31, 2023, 12:55:34 PM

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

If you find any bug in casino and you report the bug they won't pay for it but rather will make adjustments, except they set a bounty for it before you could be paid for the bug you find. There are proper ways of reporting bugs and you need to submit using the formats the casino night provide on their bug bounty report, otherwise except they wanna reward you for the time being maybe it could from the technical team or something so.

Hispo

legendary

Activity: 1162

Merit: 2025

Leading Crypto Sports Betting & Casino Platform

Quote from: JeromeTash on December 31, 2023, 04:26:21 PM

Quote from: Sling0 on December 31, 2023, 04:12:53 PM

-

I do hope they hear you out or at least pay you handsomely for the bug. Some brands are so mean when it comes to paying out bug bounties yet if the person inside decided to exploit the bug, they could cause some reasonable loses to the service.

I saw a scenario where a service refused to listen to someone who had discovered a bug, claiming they had no bug bounty. Some months later, a bad act discovered the bug and exploited it. The service suffered huge losses as a result.

Hopefully he will get some bounty if the bug is actually critical or have some relevance, but let us be honest, in the most of the times when comes to security and claiming bugs developers and white hat hackers are not only supposed to find the bugs and disclose them to the services/casinos in a responsible way, but have good enough communicative skills for them to explain what the bug/exploit is about and what could have happen have not they figured it out before a malicious actor.
Since I am pretty sure costumer service does not have any power to grant money to people who find bugs or exploits, they will likely transfer the case to the security department, and from the security department to some administration to decide whether the problem found deserves some money as compensation.
Sadly, sometimes the compensation of these kinds of situation highly depend on someone who handles some of the money of the casino and has no idea about coding or security. If one is not able to convince the security staff of the gravity of a exploit, it is very unlikely the security employee will end up convincing the one person who is supposed to approve the reward . Roll Eyes

BitcoinPanther

hero member

Activity: 1918

Merit: 564

As far as I know casino who wanted to reward its users to find a bug had it in their program. If bug is found by the user, they need to report it to the support staff then the support staff will forward it to the technical team for verification. The casino who is true to their words to reward users if bug were found will surely reward the person who found and reported the bug but there are some instances where a player reports a bug and yet the casino do not reward the player saying that it was already found out or they already know the existence of the bug.

So it is 50/50 for the player that reported a bug to get rewarded.

JeromeTash

legendary

Activity: 2338

Merit: 1261

Heisenberg

Quote from: Sling0 on December 31, 2023, 04:12:53 PM

In my opinion it's a substantial bug but again I'm not qualified or educated enough on it. But if I can exploit it then others would have fun. Very reputable casino with a large reach. I've contacted support and waiting. No bounty page on their site but for sure reputable so I hope they would compensate given the bug.

I do hope they hear you out or at least pay you handsomely for the bug. Some brands are so mean when it comes to paying out bug bounties yet if the person inside decided to exploit the bug, they could cause some reasonable loses to the service.

I saw a scenario where a service refused to listen to someone who had discovered a bug, claiming they had no bug bounty. Some months later, a bad act discovered the bug and exploited it. The service suffered huge losses as a result.

Sling0

newbie

Activity: 12

Merit: 0

In my opinion it's a substantial bug but again I'm not qualified or educated enough on it. But if I can exploit it then others would have fun. Very reputable casino with a large reach. I've contacted support and waiting. No bounty page on their site but for sure reputable so I hope they would compensate given the bug.

Potato Chips

hero member

Activity: 2786

Merit: 902

yesssir! 🫡

Quote from: Sling0 on December 31, 2023, 02:16:38 PM

Thanks for the reply all. I did contact support and let them know of a possible issue but before I went farther I wanted to make sure because I didn't really get a commitment to a bounty pay. I'm not the most tech savvy but so if I can get it to happen someone who knows what their doing can be rich. Maybe

Perhaps, try to look for a dedicated page for bug bounty or an announcement. Also, I think if it's a reputable casino, there's a good chance, people have discussed about the same thing in a gambling message board.

In any case, it will be up to discussion and you'd have to wait for the casino in question's answer -- whether they're willing to reward people for bug tip-offs and if your case does qualify for it.

Sling0

newbie

Activity: 12

Merit: 0

Thanks for the reply all. I did contact support and let them know of a possible issue but before I went farther I wanted to make sure because I didn't really get a commitment to a bounty pay. I'm not the most tech savvy but so if I can get it to happen someone who knows what their doing can be rich. Maybe

electronicash

legendary

Activity: 3178

Merit: 1054

Quote from: Wiwo on December 31, 2023, 01:52:23 PM

First what is the casino's stance on bug because as far as I know, some casinos declare a bounty on bugs and if anyone fines those bugs them you get your payment, but if the casino hasn't declared a bounty it may be hard to get something out of them, best you can do in that situation is just to approach the casino and inform them of the bugs.

Sometimes there are cases of gamblers taking advantage of those bugs and along the line, the casino may deny them their winnings.

maybe ask first if they pay users who find bugs. asking for the fee before revealing the bug i think will make sense, just make sure the bug is critical and can affect the profit of the casino.

it's hard to do this however because for you to be able to know it's a critical bug you have to exploit it as well. and then if they find out you exploited to gain then you will not be paid. this is a dilemma. Cheesy

Wiwo

hero member

Activity: 1022

Merit: 667

Top Crypto Casino

First what is the casino's stance on bug because as far as I know, some casinos declare a bounty on bugs and if anyone fines those bugs them you get your payment, but if the casino hasn't declared a bounty it may be hard to get something out of them, best you can do in that situation is just to approach the casino and inform them of the bugs.

Sometimes there are cases of gamblers taking advantage of those bugs and along the line, the casino may deny them their winnings.

Eternad

hero member

Activity: 1400

Merit: 623

Quote from: Sling0 on December 31, 2023, 12:55:34 PM

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

You should check first with the support about their terms about bug bounty since not all casino rewards user that report a bug especially if it’s not that critical. There’s many incidents here that casino decline payment because they “fix the bug” right after the user reported it and claiming that they are onto it before it was reported.

This is why you should record everything as proof before you report it to the support once you confirmed that they have bug bounty program.

seoincorporation

legendary

Activity: 3346

Merit: 3125

Quote from: Sling0 on December 31, 2023, 12:55:34 PM

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

Most casinos would pay a bug bounty if the bug is critical, you should contact the support on the site and ask for the right way to report the bug, maybe the site has an special mail for that.

And remember, if you exploit the bug your account will be closed and you will not get a bounty, that's why is important to report it as fast as you find it.

Sling0

newbie

Activity: 12

Merit: 0

How does someone go about reporting a bug to a casino a still hold casino accountable to pay a bounty?

Topic: Finding a Bug - page 6. (Read 650 times)