Facebook bug hunter paid $10K by community, not company

I'm happy for the guy and all, but Facebook is doing the right thing by not paying the bounty. They specifically bar messing with real user data, while they could have handled the original report better that's still not justification. If you bend the rule once, everyone will want you to bend the rule "just one more time" for them.

Not a bad pay day for a critical bug. Forget the black market, hypothetically speaking I wonder how much an ad agency would have paid for something like this if they can use/abuse it for a week before fb catching on (assuming the agency is unscrupulous).

Did anyone here donate to this guy? If so, can you explain why you did it?