| ▲ | applfanboysbgon 4 hours ago |
| > $25,000 to the first true universal jailbreak to clear all five questions. This program is a complete scam. Even if 100 people find "bugs", they will only pay out to one person. |
|
| ▲ | skeeter2020 4 hours ago | parent | next [-] |
| that's not the point even. They are attempting to build credibility in two ways: 1. this model is SO advanced that there are huge risks, never before considered. 2. we're doing the super-responsible thing in incentivizing work that addresses this. #1 is unproven and frankly, unlikely, which makes #2 meaningless. The fact that the "prize" is so low & structured this was suggests that they're not that concerned but do think it's likely that a bunch of people will find things. If they truly thought their model was so good they would be confident issues would be both rare and very critical, then offer huge rewards with no limits because they'd be much more confident no one would claim it. |
| |
| ▲ | applfanboysbgon 4 hours ago | parent [-] | | Yes, I was about to edit in that I think this is simply a media/PR stunt before I got so many replies so quickly. They get bonus points because the structure is so insulting that it may not engender many serious participants, in which case it may go unbroken, in which case they can go to the media and proclaim "look, we offered a reward, but nobody broke it! Our model is objectively the safest in the world!". | | |
| ▲ | StilesCrisis 2 hours ago | parent [-] | | I think there's definitely going to be a prizewinner. It's an insultingly low bounty for a professional, but a script kiddie could probably figure out a jailbreak and it's a huge payout for them. |
|
|
|
| ▲ | mmsc 4 hours ago | parent | prev | next [-] |
| How is that a scam? You don't get participation awards for solving half of a puzzle... |
| |
| ▲ | applfanboysbgon 4 hours ago | parent [-] | | I didn't say anything about partial solutions. The puzzle can have multiple full solutions. Or does the software you write only have exactly one bug? If so, that's impressive, in multiple ways, including the fact that you're able to identify that there's exactly one bug but not what the bug is and fix it. |
|
|
| ▲ | Lucasoato 4 hours ago | parent | prev [-] |
| Well, that depends on how you set up the bounty program. What if I find a solution, share it to a friend so that both of us can claim the prize? |
| |
| ▲ | skeeter2020 4 hours ago | parent | next [-] | | bug bounty programs have never paid out independent disclosure for the same bug though; they might split or even pay-out larger coordinated efforts. It's largely a first place award only. | |
| ▲ | ImPostingOnHN 4 hours ago | parent | prev [-] | | assume there exists 2+ different bugs after the 1st bug is found, no payout for any other of the bugs |
|
