Cat Can't Scratch It
- May 9, 2000
Good news for PayPal users; PayPal finally closed off the vulnerability that would allow hackers to gain access to the user’s personal information. The hole was discovered two weeks ago, but PayPal officials felt the risk to users security was minimal. The hole would have gone undiscovered by PayPal until a 17 year old student found it, but was denied a reward for reporting it due to his age.
When PayPal didn't allow him to participate in the program because he wasn't yet 18, the student released the details of his discovery on the Full Disclosure security mailing list, but only after giving PayPal a week's period of grace, which the company allowed to pass.