Why The Public Sector Will Never Support Bug Bounties
Published in
3 min readAug 12, 2018
Would you believe there are some public sector sites that are still running SSL v2? This protocol version is completely riddled with holes and could open up the private keys used by a site. Overall it leaves a web site vulnerable to BEAST, FREAK, POODLE DROWN, and lots of downgrade attacks.
Leading companies such as Google and Microsoft have an active bug bounty scheme…