Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
If there's no bug bounty campaign, then you can't expect the site to reward you but if you're talking with the good site probably they'll appreciate your effort and will give you some free draws. The site will surely notice that later on, and those who abuse that bug might face a big problem later on. Just tell the site about it if you really want to help that site, if not then no one is forcing you to do this. Bug on a site is quiet normal for a new site, usually they run a lot of test to see that bug until they become a better site. 
Topic: How best to report vulnerabilities? - page 4. (Read 659 times)
So I discovered a bug affecting a mode of play at OwlGames casinos that results in certain games rewarding more money than they should. I tried to report it to OwlGames but was told that they have no bug bounty program and to "enjoy the bug" (not kidding). (of course their docs say that any "exploit" can result in not being paid out, but it's not an exploit if it's simply how things run under the given conditions - not that that would stop them from screwing someone over I'm sure)
Their poor attitude certainly doesn't do much to make me want to help them out anymore although that was my intent.
But since it is only certain games, from 1 provider, should I try to contact that provider instead? It's possible I imagine that it's not just OwlGames that might possibly lose money to the issue, though I really don't know.
I guess since these are casinos, losing a couple hundred to a few players every few days that would otherwise not have won anything maybe is just a drop in the bucket. But I found it so strange that they immediately just alerted me that they have no bounty program. Aren't casinos supposed to be pretty protective of their money even if they have a ton of it?
Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
Their poor attitude certainly doesn't do much to make me want to help them out anymore although that was my intent.
But since it is only certain games, from 1 provider, should I try to contact that provider instead? It's possible I imagine that it's not just OwlGames that might possibly lose money to the issue, though I really don't know.
I guess since these are casinos, losing a couple hundred to a few players every few days that would otherwise not have won anything maybe is just a drop in the bucket. But I found it so strange that they immediately just alerted me that they have no bounty program. Aren't casinos supposed to be pretty protective of their money even if they have a ton of it?
Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
I know right. Even I remember once when I found one or two issues on a site which didn't have any bug bounty program.
I tried contacting the support but never received any response. I guess in these situations it's best to leave the bug just like that.
Now that money is involved here may be you can try posting it on their social media handles but even then if they don't care to fix the bug then just leave it as it is.
You have already done your job of informing them.
Yeah bugs can be easily removed through live chat when choosing a live chat, you need to consider the variety of games available and which software providers are powering the live chat casino. Unfortunately, not all online casinos have a large live chat game range yet online casinos offer reliable and high quality video streaming live games with an excellent selection of live games, among other game types extreme live gaming.
If I find a bug, I will notify live chat so they can immediately fix it and not be abused by other people who might see the bug to take advantage of the casino. Even though the casino doesn't give prizes to people who find the bug, I don't think about it because it's a casino where I play, and I don't want to see it getting abused by other members. But this depends on each person because some try to take advantage of the bug for their own benefit without telling the casino, and after they get it, they tell the casino.
That is certainly a weird reaction from the staff of Owlgames... does not sound completely professional. 
About bug reporting, I have never encountered a bug or exploit myself. I would certainly report it to the costumer support and hopefully receive some award, even if there was no bug disclosing program, I would do it, that way other people would not go through the bad experience of getting their accounts temporally blocked or their balances changed, after the casino eventually finds the error.
About bug reporting, I have never encountered a bug or exploit myself. I would certainly report it to the costumer support and hopefully receive some award, even if there was no bug disclosing program, I would do it, that way other people would not go through the bad experience of getting their accounts temporally blocked or their balances changed, after the casino eventually finds the error.
I am tempted to tell you to make some money for your self since they care less about it, maybe doing this would indeed bring their attention to it, and maybe they would realize how severe the issue is..
I would have advised the same but @OP might get a conflict and maybe resulted in a banned account since the casino had know that @OP know a bug, exploiting it will make him breach any contracts and will cause account termination.
But based on what i said above, and since they don't seem to understand the gravity of what you are pointing out to them, i would advice that you exploit them through the bug, but don't spend the money, send the money gotten from the exploit back to them and ask them to reward you accordingly..
What i sense with them is that, they probably think you are one of those trolls looking for how to extort money from them, exploiting them through the bug(like i said before) will bring their attention to how severe the issue is and they will give you the attention you deserve.
What i sense with them is that, they probably think you are one of those trolls looking for how to extort money from them, exploiting them through the bug(like i said before) will bring their attention to how severe the issue is and they will give you the attention you deserve.
that is good advice, that will definitely put them on their toe if they saw proof of the bug. but of course don't get your hopes high on getting a reward, as they stated, they don't have any bug bounty so it might be considered voluntary work.
I think OwlGames should do better job screening their employees. You have been talking to some low paid intern that has no skin in the game what so ever, someone who would do absolute minimum when it comes to their responsibility. Because no casino or site dealing with that much money would take potential exploits lightly.
You have done more then enough for them but if the development team hears about this the person you talked with surely gets fired. If they shrug their shoulders i would avoid OwlGames. But i think they would take this seriously if the word got trough.
No company would definitely taking those bug or exploit reports lightly because that would really be resulting into huge damage or loss if it would really be just ignored because someone could really be able to abuse it out and would really be making some huge effect in terms of revenue of the said platform.I do see the same reason that he might be able to reach out a staff on support who doesnt really just want You have done more then enough for them but if the development team hears about this the person you talked with surely gets fired. If they shrug their shoulders i would avoid OwlGames. But i think they would take this seriously if the word got trough.
to bare up with those issues and just reject it out which we know that this is really that something crucial which needs to be resolved and not something to be rejected.
It is really that impossible if you do ask me.
I think OwlGames should do better job screening their employees. You have been talking to some low paid intern that has no skin in the game what so ever, someone who would do absolute minimum when it comes to their responsibility. Because no casino or site dealing with that much money would take potential exploits lightly.
You have done more then enough for them but if the development team hears about this the person you talked with surely gets fired. If they shrug their shoulders i would avoid OwlGames. But i think they would take this seriously if the word got trough.
You have done more then enough for them but if the development team hears about this the person you talked with surely gets fired. If they shrug their shoulders i would avoid OwlGames. But i think they would take this seriously if the word got trough.
~snip~
Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
^Sometimes there are gambling casinos that don't have a bug bounty but most commonly, there is a bug bounty campaign here sometimes and I think that is the right decision because it is either them or the gamblers who will suffer if there is a bug. Just report it and you are done, if you don't want to exploit it to others, just report it and don't exp[etc nothing because they barely give a value to their bug. Probably they will take action without knowing you because they are already aware. However, probably also you were wrong or they already are but they don't take an action. Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
if there really is a bug in their game of course this should be a serious concern for them, but if indeed they feel it's not a bug I think you also need to provide complete evidence to give them confidence not just a screenshot or you can use it with another way to let them know, to my knowledge there aren't many casinos that provide bug bounties
I don't know about owlgames casino,I know about the bigger ones sure they may not offer a bug bounty to people finding bugs but they take such claims very seriously and pass the matter to their technical team to verify such claims.If provided video evidence which for me would be the best,things can be taken more seriously from the casino mentioned here,they probably should take such claims much more seriously and their technical team should be upgraded as a minimum if it happens that the bug is true.I find that answer "enjoy the bug" really worrying about their behavior.
Even a tiny bug or glitch might affect the satisfaction of their customer and they can lose them. Or it could be that Owlgames is only confident about their platform and they think it was bug free? They even have that "enjoy the bug" reply. If I am the one who got a reply like that then I will take that as a challenge to try and empty their money. Let see if who will cry later on.
I tried to report it to OwlGames but was told that they have no bug bounty program and to "enjoy the bug" (not kidding).
wow, what a shitty support team they have. would you mind posting a screenshot of it? But since it is only certain games, from 1 provider, should I try to contact that provider instead? It's possible I imagine that it's not just OwlGames that might possibly lose money to the issue, though I really don't know.
try contacting the game provider where the supposed bug is happening and then ask them whether they have a bug bounty program, and if they don't, ask them whether they could pay you for discovering a bug in their game and if they don't want to pay you then it is up to you whether you'd tell them what the bug is or not. 
I think it's likely that you weren't very convincing in telling their team about the bugs you found. I mean, did you when telling their team a few bits to further convince their team to consider it all?
bugs that occur in casino games must be taken seriously and it is very impossible for the team to ignore this and the team should take this bug seriously.
I appreciate your work but if indeed their team really ignores you, you also have the right to look for bugs elsewhere to help other casinos who can appreciate you.
Probably the support team were not active at the time of the report. The OP has done is best of seeing the leakage (bug) and further to inform the casino support team but it was not responded back to him to know whether the bug has been fixed. Op I know their signature campaign and ANN threads are dyfunctional but you can still contact the through pm to inform them about the bug. Because that is a very big situation to be solved before it is too late. But if the casino in question muted your information then they are aware and know what they are doing. bugs that occur in casino games must be taken seriously and it is very impossible for the team to ignore this and the team should take this bug seriously.
I appreciate your work but if indeed their team really ignores you, you also have the right to look for bugs elsewhere to help other casinos who can appreciate you.
I think that they will just fix the bug without any payouts. Or it would be an opportunity to ban winners for bug using. If the OP told what the bug he had find the best way is to fix dialog with support screenshot to have some proves if they fix it. Anyway you can`t get some bounty here, and i even can`t say that casino is cheating if they will fix bug. But it can`t increase my interest to this casino.
I was about to point ops in that direction also, the bug should be reported to support ASAP and if supported with the necessary evidence in a pictural manner it will help the support agent to accept and processe your request. The casino team may have reacted that way because of the fact that at the moment the team is not paying anyone for bug discovery bit in other to protect everyone from this mess, you should continue your contact with them and provide evidence as mentioned,If you're talking about playing dark mystic (Groove)
Don't waste your time, it only works in demo mode
Anyone else have any experiences of trying to report issues like this? I want to be rewarded for my time verifying the issue without taking advantage of it and alerting someone about it, too, so I'm also just worried about giving the info out and having them come up with some excuse like "oh it just needed a restart it's fine now, that's not a bug."
some exploit or bug then better to make use of it and that would surely caught up their attention.If you do tend to help then you wont really be worrying whether they would be holding your funds or not
as long you are really that minding about protecting them and giving that fair way or winning.
I think it's likely that you weren't very convincing in telling their team about the bugs you found. I mean, did you when telling their team a few bits to further convince their team to consider it all?
bugs that occur in casino games must be taken seriously and it is very impossible for the team to ignore this and the team should take this bug seriously.
I appreciate your work but if indeed their team really ignores you, you also have the right to look for bugs elsewhere to help other casinos who can appreciate you.
bugs that occur in casino games must be taken seriously and it is very impossible for the team to ignore this and the team should take this bug seriously.
I appreciate your work but if indeed their team really ignores you, you also have the right to look for bugs elsewhere to help other casinos who can appreciate you.
I was paid remuneration only by a few projects, they are on bitcointalk. When I tried to contact the provider, half of them just ignore me.
I think that they will just fix the bug without any payouts. Or it would be an opportunity to ban winners for bug using. If the OP told what the bug he had find the best way is to fix dialog with support screenshot to have some proves if they fix it. Anyway you can`t get some bounty here, and i even can`t say that casino is cheating if they will fix bug. But it can`t increase my interest to this casino.
I was about to point ops in that direction also, the bug should be reported to support ASAP and if supported with the necessary evidence in a pictural manner it will help the support agent to accept and processe your request. The casino team may have reacted that way because of the fact that at the moment the team is not paying anyone for bug discovery bit in other to protect everyone from this mess, you should continue your contact with them and provide evidence as mentioned, You did your task mate. You didn’t exploit the bug, you reported it to the support team, so consider your work is done. If still now owlgames’s money gets drained out from their site, then they will be the only ones who will be responsible for this. Their immature behaviour and attitudes to such reports will surely land them into some trouble. I am really impressed by you OP that in this cruel world, where people are ready to do anything for making money, you thought about the site. Yes contacting the game service provider will be the ideal decision now.
This is what I think as well, I mean the OP found a bug and instead of keeping quiet about it and taking advantage of it they decided to alert the casino about the possible consequences of this bug for them.But for some reason it seems the casino disregarded their report and at least for now it does not seem as if they will do anything to try to correct it, in my opinion the OP has already done enough and should not feel responsible at all if another gambler finds out the bug, takes advantage of it and the casino loses a huge amount of money as a result for their negligence.
I think that they will just fix the bug without any payouts. Or it would be an opportunity to ban winners for bug using. If the OP told what the bug he had find the best way is to fix dialog with support screenshot to have some proves if they fix it. Anyway you can`t get some bounty here, and i even can`t say that casino is cheating if they will fix bug. But it can`t increase my interest to this casino.
You already reported the matter to the platform. If they didn't receive it well, then it's not your problem anymore. It's up to you if you want to notify the game providers about the certain bug. Most probably they won't reward you, but at least you will receive some kind of gratitude to them through words. It's just funny how the gambling platform, which has a lot of stake in this matter than you do, treats this matter as if it's a non-issue. Well, they can always remove the game on their list of games so maybe that's why they responded that way.
Jump to: