Once companies started suing people trying to practice “responsible disclosure”, I stopped attacking people that choose maximum disclosure.
Responsible disclosure has always been a bit of a hedge. It’s rare to be able to show you are actually the first person/organization to discover a vulnerability.
Once companies started suing people trying to practice “responsible disclosure”, I stopped attacking people that choose maximum disclosure.
Responsible disclosure has always been a bit of a hedge. It’s rare to be able to show you are actually the first person/organization to discover a vulnerability.