When it becomes legally compulsory to report all vulnerabilities to the vendor immediately, what do you think will happen to bug bounties?
@randomoracle @jruderman @dinodaizovi If nobody picks up the tab then they'd be 0-day'd on every bug. Eventually they'll get tired of it.
@randomoracle @jruderman @dinodaizovi Timely sharing of information to the public is important. Coordinated disclosure is just a nicety.