PayPal won’t take any legal action against a researcher who properly follows its procedure for reporting bugs in software. WhiteHat Security founder Jeremiah Grossman says PayPal’s policy may be the first to guarantee Web researchers protection. Microsoft panelist last week said the company wouldn’t take action against anyone who finds bugs in its Websites. Computer security laws make looking for vulnerabilities on live Web servers dangerous legal territory, and the laws aimed at protecting companies from attackers have also hurt researchers in this space. “I would certainly hope it’s the start of a trend,” says Grossman.”]
Source: https://www.darkreading.com/analytics/researchers-thankful-for-new-paypal-policy