h a l f b a k e r y
Yeah, I wish it made more sense too.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
or get an account
To encourage security researchers to not be afraid of
disclosing their finding, there should be a registry or a
standardised clause that businesses can sign up to or
This will have a contractual clause that a security
who have conducted all reasonable efforts to disclose
vulnerability will not in anyway be attacked by the company
in question for disclosing the vulnerability. (e.g. via sending
the FBI to raid the security researcher.)
Security researcher discovers glaring problem with patient data system, FBI stages armed dawn raid
[mofosyne, May 28 2016]
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
||Why would someone believe an arbitrary company would keep this promise?
||Is "security researcher" really a thing, or is this some kind of
sanitised language for "hacker" (of whichever hat colour)?