Credit to scratchers who find and report major bugs/glitches

Pot-of-Cake

cwkethan1508 wrote:
Znapi wrote:
Pot-of-Gold wrote:
I disagree because the ST discorages hacking blocks because it confuses new scratchers.
This is about hacking the Scratch site, like sending HTTP requests to do something that the ST would rather not like to be possible, then telling them so they can prevent someone with bad intents from exploiting it. Making hacked blocks is a different topic.
Oh, still no support though

As per above

Detriment2

I don't think we should be giving incentive for people to hack. One day the hackers have a change of heart and suddenly scratch is in the toilet? No thank you

Zparx

Detriment2 wrote:
I don't think we should be giving incentive for people to hack. One day the hackers have a change of heart and suddenly scratch is in the toilet? No thank you

Yahoo does it all the time. I know someone who made 3 grand for exposing a vulnerability in their servers. It keeps security tight. I don't think you guys are looking at this through the proper looking glass

Alberknyis

Detriment2 wrote:
I don't think we should be giving incentive for people to hack. One day the hackers have a change of heart and suddenly scratch is in the toilet? No thank you

Think about it for a while. Lets say a good hacker helps Scratch, but then realizes their potential and becomes a bad hacker. This isn't a good thing, but on the other hand, they could have been a bad hacker a long time ago, and now that Scratch has had some help from them, their website is more secure from previous good hacker.

But yeah, rewards for white hats will increase the number of white hats, which increases the number of black hats, which really isn't good. White hats, dark knights, not paid workers.

FalconGunner99

Detriment2 wrote:
I don't think we should be giving incentive for people to hack. One day the hackers have a change of heart and suddenly scratch is in the toilet? No thank you

If they can hack, they will. It's better to give them incentive to disclose what vulnerabilities they find than to just shun them.

shadowraptor39

The word “hacker” applies to anyone who tampers with technology to make it do something it didn't do before, or use it for something it wasn't meant to be used as.. For example, you can use soap as chalk or a crayon, especially on dark paper. It smells good, too! This is an example of “positive hacking”. However, reprogramming a computer to do harm to others, or steal their belongings is considered “negative hacking.”

Blank1234

im a hacker, i dont have bad intentions
even though im directly in the group that would benefit from your suggestion, i dont agree with it. its basically saying that people with good computer skills should be rewarded with popularity. My opinion, is if anybody is to be rewarded with popularity, it should be everyone

kiloe2

I am on the white hat hacker side.

The_Scratch_Squad

kiloe2 wrote:
I am on the white hat hacker side.

The internet can be a distrustful place. You have to at least have some doubt whether to trust a scratcher or not…

ChocolatePi

Blank1234 wrote:
im a hacker, i dont have bad intentions
even though im directly in the group that would benefit from your suggestion, i dont agree with it. its basically saying that people with good computer skills should be rewarded with popularity. My opinion, is if anybody is to be rewarded with popularity, it should be everyone

I didn't know that. What sort of things have you done?

ChildCritic

One of my OCs is a skilled hacker.
She is a protagonist.
I support small rewards only.

aptitude

I'm learning about hacking for good intentions, as a white hat, but I don't think Scratch should be supplying awards.

gdpr533f604550b2f20900645890

Maybe Scratch should add the names or usernames of people who report security vulnerabilities to the “Credits” page.

IronBit_Studios

Chibi-Matoran wrote:
Maybe Scratch should add the names or usernames of people who report security vulnerabilities to the “Credits” page.

iamunknown2

Chibi-Matoran wrote:
Maybe Scratch should add the names or usernames of people who report security vulnerabilities to the “Credits” page.

I support the above suggestion.

Plus, what else could they reward them with their barely sufficient budget?

I doubt being on the credits page will boost your popularity/fame anyway.

Last edited by iamunknown2 (Dec. 30, 2015 12:26:30)

iamunknown2

Alberknyis wrote:
But yeah, rewards for white hats will increase the number of white hats, which increases the number of black hats, which really isn't good. White hats, dark knights, not paid workers.

An incentive for white hats will only remind black hats that they can hack.

As for the problem of them exploiting vulnerabilities a white hat posted, the ST has told people to send the information about vulnerabilities through Contact Us, which is private.

Giving hackers an incentive to put on their white hat is better than letting them put on their black hat.

therealpsy

Support. Everybody who says “all hackers are bad” are no less bad than people who say “all women are weak” or some other stereotype like that.

-Io-

Modifying the project's json to add blocks that otherwise would be impossible to get with the project editor is not hacking. That's simply modifying the project's json. They're called “hacked” simply because it can't be made with the project editor alone.

Also, putting letters into cloud variables is not really a hack, it's a “glitch/bug” (not really) Flash has, since it handles 0x strings as hexadecimal numbers, and thus Scratch detects it as a number and allows it.

No support to your suggestion. Although it would be nice, it would only raise popularity, and people asking “how r u hacker?!?!?! thats bad!!!!” - just like people are telling MATU just because he made so you can change your projects' thumbnails to any image or animated image.

I think going in the credits would be better. Not much people go to that page, and people know that people there are nice and good.

derpmeup

IronBit_Studios wrote:
Chibi-Matoran wrote:
Maybe Scratch should add the names or usernames of people who report security vulnerabilities to the “Credits” page.

Pls actually say something if you're going to quote someone ;3; )/

IronBit_Studios

derpmeup wrote:
IronBit_Studios wrote:
Chibi-Matoran wrote:
Maybe Scratch should add the names or usernames of people who report security vulnerabilities to the “Credits” page.
Pls actually say something if you're going to quote someone ;3; )/

something if you're going to quote someone ;3; )/

Discuss Scratch