Update: I stumbled on a way into my gym's member database

I was testing my new phone on the gym's Wi-Fi last week. Found a weak spot in their login page by accident. Could see other people's info without a password. Felt wrong but also like a big find. Told the manager quietly, they fixed it fast. Still think about if I should have asked for a reward. What would you guys do in that spot?

4 comments

4 Comments

brooke_foster511mo ago

Finding a big security flaw like that totally deserves a reward lol

val9741mo ago

Agree completely, companies should absolutely pay up for that kind of find. It's a major service to them, honestly. Those bug bounty programs exist for a reason. Saves them from a huge headache and protects users.

troy_king721mo ago

Isn't it weird how something as fair as what @val974 said feels rare? Like, getting paid for real value should be normal but often isn't.

taylor.jessica12d ago

Yeah, it's pretty messed up how basic fairness isn't the default.