Lack of bug bounties from gambling platforms - page 5.

Wakate

hero member

Activity: 1106

Merit: 535

fillippone - Winner contest Pizza 2022

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

It seems you are not always current at the service section because I have seen many casinos doing that, asking for review of their platform in the aspect of security, interface and features that will keep their casino up to date and we'll secured. This is mostly done by new casinos that is getting into the casino world and we don't see that frequently.
I think more concentration should be put on that to ensure that user's safety is guaranteed. Checking for vulnerability and safety of casino frequently is very important which I know many big gambling platform used to do with different tools and workers that are checkmating for any possible leak that could lead to loss of asset.

DoublerHunter

hero member

Activity: 2590

Merit: 644

Quote from: Scripture on October 06, 2022, 06:26:54 PM

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

The site knows how introduce their site and considering to host a bug bounty can also a good one but since it's not mandatory, many site don't have this kind of bounty. There might be a different interpretation when it comes to bug bounties, maybe for them you are just letting gamblers to see the problem with your site which can discourage many gamblers to try the site. Also, just like what the other said here they have the team to handle this, they are being paid for that so for sure they work better as a team.

^ Probably because that is an additional cost to them, they cannot afford to run a bounty campaign to hunt bugs but I remember before there are few gambling casinos doing this and one of them was FortuneJack which was given a link on the first page. That is right, this is not necessary for them and probably instead of doing this they have their own developer who fixes those system errors but the disadvantage is when it is already exploited by the users. However, regarding the question, of whether there is a secure gambling casino, they are not all secure but it depends on their reputation.

Fatunad

sr. member

Activity: 2226

Merit: 347

Quote from: coin-investor on October 06, 2022, 06:22:03 PM

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

As a player what would you think if a platform is offering a bug bounty, some players might think that the platform is not hacker-proof and there is a lack of security and they need help from bug bounty hunters to patch the security and this will alarm the gambling community, if the script is created by their own developers, they should do this patches in house and not expose it to the public, casino live and thrive on trust, and offering bug bounty will erode that trust.

Administrators and would-be admins of casinos can buy a Whitelabel script because it's created for casinos by experts they are bug and hacker-proof, the Whitelabel sellers should be the ones to launch bug bounty, not the casino operators.

There's no such thing about perfect security but its impossible for business owners to just launch up a bug bounty if they are really that confident that their security team did a good job.
If he had some doubts then he could ran off a bounty but of course the money spent allocation for such bounty do counts on the expense.
Its up to their company if they would launch bounty program but if they do saw its not needed and they havent been hacked and constantly making up some
security upgrades then i dont see for it to be needed.

Scripture

full member

Activity: 1303

Merit: 128

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

The site knows how introduce their site and considering to host a bug bounty can also a good one but since it's not mandatory, many site don't have this kind of bounty. There might be a different interpretation when it comes to bug bounties, maybe for them you are just letting gamblers to see the problem with your site which can discourage many gamblers to try the site. Also, just like what the other said here they have the team to handle this, they are being paid for that so for sure they work better as a team.

coin-investor

hero member

Activity: 2982

Merit: 597

Leading Crypto Sports Betting & Casino Platform

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

As a player what would you think if a platform is offering a bug bounty, some players might think that the platform is not hacker-proof and there is a lack of security and they need help from bug bounty hunters to patch the security and this will alarm the gambling community, if the script is created by their own developers, they should do this patches in house and not expose it to the public, casino live and thrive on trust, and offering bug bounty will erode that trust.

Administrators and would-be admins of casinos can buy a Whitelabel script because it's created for casinos by experts they are bug and hacker-proof, the Whitelabel sellers should be the ones to launch bug bounty, not the casino operators.

Punt.com

copper member

Activity: 314

Merit: 13

Bug bounty programs are essential to any online casino. I personally plan on adding a page to our platform, Punt.com, to publicly notify users of our bug bounty program. Although we don't have a dedicated page for the program yet, we do indeed offer bounties for bugs. For example, there have been numerous users over the span of ~2 months that have reported bugs to us via either livechat or email, and we have paid them for their report a sum in proportion to the bug found.

Eureka_07

sr. member

Activity: 1764

Merit: 260

Binance #SWGT and CERTIK Audited

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

.

Usually, bug bounties are held by those websites/system which are just newly launched. Despite of popping of new casinos almost everyday, I haven't seen anyone from them announce a bug bounties. The last one I saw was from FortuneJack.
Regardless, maybe they have very good security team, and system testers on the team that they aren't needed for bug hunt.

crzy

full member

Activity: 2128

Merit: 180

They have the team to handle this to ensure the site will be secured from any cheat or any hackers.
I see bug bounties as a way of marketing as well, if they hosted it most probably they want to get the attention of the public and help them explore it, if they saw some bug then much better. Most of the new site now came here really prepared and ready to operate, this might be one of the reason why bug bounties no longer required for them.

Hamphser

sr. member

Activity: 2604

Merit: 338

Vave.com - Crypto Casino

Quote from: erep on October 06, 2022, 05:38:20 PM

Quote from: goaldigger on October 06, 2022, 05:14:46 PM

Some site already done this before and I even participated on those bug bounties and I guess this is really a big help to see if the site is working perfectly or there can still be bug which needs to be address right away.

Well, we cannot force every site to have this especially if they have a specific team to handle bugs from time to time, they probably rely more on their IT professionals than to users here in the forum and that is fine as well.

Every casino site has a dedicated team to protect servers from hackers in realtime so their platform no longer requires server security testing on bug bounty programs, although some top gambling platforms still open bug bounty durations indefinitely for the purpose of protecting anything from hacker threats. So if someone finds a critical bug that has an impact that could worsen the casino then it will be highly rewarded after the casino fixes it.

They are already hiring security team or someone who would really be back testing it before they would really be launching it on public.It is really just that common practice or default thing or set up for a business

to mind off on which security would be always the priority since gambling sites or platforms are really involved on huge money.They cant really be just careless on not to put up some emphasis or importance on this

one because this one could really cause possible huge impact on having huge losses or the worst they would really become bankrupt.They would be hiring those
security based workers and would be the ones on doing back testing and other related stuffs.

erep

hero member

Activity: 2282

Merit: 589

Quote from: goaldigger on October 06, 2022, 05:14:46 PM

Some site already done this before and I even participated on those bug bounties and I guess this is really a big help to see if the site is working perfectly or there can still be bug which needs to be address right away.

Well, we cannot force every site to have this especially if they have a specific team to handle bugs from time to time, they probably rely more on their IT professionals than to users here in the forum and that is fine as well.

Every casino site has a dedicated team to protect servers from hackers in realtime so their platform no longer requires server security testing on bug bounty programs, although some top gambling platforms still open bug bounty durations indefinitely for the purpose of protecting anything from hacker threats. So if someone finds a critical bug that has an impact that could worsen the casino then it will be highly rewarded after the casino fixes it.

paxmao

legendary

Activity: 2310

Merit: 1598

Do not die for Putin

Either they feel very safe or they are outdated in relation with best practices. White hat hacking including bugs or even beta testing by the crowd is actually a sound way of detecting what is wrong with you site and even can save plenty of headaches in the future. Also, it is quite cheap compared to an audit and may actually yield better results. It has to be used with care of course, as there may be incentives to hack and not tell.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

I kind of noticed it too that gambling sites didn't run bug bounties this time of year for update of the security but I do remember that there is a bug bounty before which as you have said to test the security of the site and also to know if there is any bug that gamblers may take advantage of it. I didn't get much time to participate in it but I did just for fun and to help not because of the reward since I don't have nothing else to do during my free time.

goaldigger

sr. member

Activity: 2422

Merit: 357

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

Some site already done this before and I even participated on those bug bounties and I guess this is really a big help to see if the site is working perfectly or there can still be bug which needs to be address right away.

Well, we cannot force every site to have this especially if they have a specific team to handle bugs from time to time, they probably rely more on their IT professionals than to users here in the forum and that is fine as well.

Vaskiy

legendary

Activity: 2646

Merit: 1106

Enterapp Pre-Sale Live - bit.ly/3UrMCWI

The security systems were well advanced and this makes the developers confident over their platform. However there'll be issues and the same used to get solved often. These days the development team itself have got team members dedicatedly working of identifying bugs. This have made developers concentrate much on user needs and for that reason more real time experience programs were run by new gambling sites than bug bounties.

TimeTeller

hero member

Activity: 2744

Merit: 588

Quote from: panjul07 on October 06, 2022, 10:39:20 AM

There were some casinos had such bug bounties but I cant really remember the names.
These days it is indeed rare to see casinos open a bug bounty publicly but I think most casinos has their own policy about bug bounty so if there is someone who find significant bug in the casino then he/she may contact them privately.
I believe it is how it works now, if you find a bug (serious one), better for you to contact them through the support and ask them if they have reward for anyone who find a serious bug.
Other possibility why it is lack of bug bounties now is that most casinos had tested their own platform well, perhaps they hired the best person to check the platform before the launch.
It makes them confident enough that there is no more bug in platform so they do not need to run bug bounties.

Yes, there were few. I remember one, exbet.io, they offered some users to test their site for possible bugs.
I believe they gave a lil bit amount to test their site and report whatever they find issues or bugs before the actual launching.
But not many new sites are doing this kind of effort. For some long-time casinos, they may have their own security team running such tests.
Because these large casinos with large number of players as well as bankroll amount, definitely, they have certain department taking care of these troubles or possible issues.

Fortify

legendary

Activity: 2688

Merit: 1192

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

I think it's a bit of a novelty and consequence of them relying on such an anonymous form of currency. If a "whitehat" hacker really wants to get a reward for finding a bug, contacting the support team and asking to speak to someone involved with security might illicit the same sort of response as any bug bounty page. On the flip side, it might be more apt for someone who wants to help to seize the funds directly via the exploit because they could be taken by a criminal who would not be so willing to return them at any point. We never hear about hacking activity taking place, as it would ruin such a site but it does seem like a bug bounty program would be sensible to offer.

stomachgrowls

hero member

Activity: 3010

Merit: 794

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

Same to presume that they had already done that earlier or before they do launched up the site in public.Just like on the previous post or response of a member above that there's one i have seen
on the past too which is Fortunejack.They do set out huge or significant bounty if ever there are ones who do able to seek out for some holes or exploits.

Most of them had already set out those security measures.They do have the staff or the one who do take care when it comes to security.
This is why we dont really see bug bounties.

Saisher

full member

Activity: 2324

Merit: 175

There are a lot of costs in creating your own casino script while if you will just buy a white label it saves you a lot of cost and Whitelabel will take care of everything, of course, they made sure that their platform is bug-free because you're paying them with the huge amount money, so you can concentrate only in marketing which is the most important part when running a casino.

Quote

The Advantages of White Label Casino
Getting a fully operational system is already a huge advantage. Apart from that, you get the licence, a custom website design for your website, and integrated verified payment options with many more to come. You can fully concentrate on casino marketing, while SoftGamings does the rest for you.

https://www.softgamings.com/igaming-solutions-and-platforms/white-label-casino-software/

panjul07

legendary

Activity: 3500

Merit: 1354

There were some casinos had such bug bounties but I cant really remember the names.
These days it is indeed rare to see casinos open a bug bounty publicly but I think most casinos has their own policy about bug bounty so if there is someone who find significant bug in the casino then he/she may contact them privately.
I believe it is how it works now, if you find a bug (serious one), better for you to contact them through the support and ask them if they have reward for anyone who find a serious bug.
Other possibility why it is lack of bug bounties now is that most casinos had tested their own platform well, perhaps they hired the best person to check the platform before the launch.
It makes them confident enough that there is no more bug in platform so they do not need to run bug bounties.

robelneo

legendary

Activity: 3346

Merit: 1214

Quote from: Crypt0Gore on October 06, 2022, 02:50:39 AM

Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

Why would they launch a bug bounty when we have no report of casinos getting hacked, you did not mention casinos that were hacked for you to ask why casinos should launch a bug bounty, they are using and subscribing to white label its the Whitelabel casino script maker that should launch a bug bounty and besides there's no need of that because these white labels have their own developers and they are the one hiring hackers to test their site before offering this to casino operators.

Topic: Lack of bug bounties from gambling platforms - page 5. (Read 783 times)