People think that the responsible in responsible disclosure means that you have some sort of weird responsibility to the vendor when that is in fact not the case :)
-
Tavis and Dave, who is advocating for keeping vulnerabilities a secret? My point is that vendors should hear about vulnerabilities from researchers, not the media. It's a researcher's right to socialize the vulnerability at some point, but give the vendor a chance to fix it.
-
Oh okay, so kinda like the trolley problem. You could warn everyone on the tracks that a trolley is coming, but that would be rude to the $35B trolley corporation... got it. Not sure I would call that responsible.

-
And then lobbied govt to make it mandatory practice! I am in awe.
-
so several years ago, me and @TheColonial did a talk at 44con about our experiences with responsible disclosure. https://www.youtube.com/watch?v=oVev_DvD4D0 … I won't hold it against anyone if they don't bother watching, but, tl;dr, I'm firmly in the 'no more free bugs' camp now
