I’m not sure if I would be honored or offended.

  • Chariotwheel@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Probably not for informing people about vulnerabilities, especially if they don’t publish it before talking to the government.

    You really want to reward grey hats that tell you about security issues,

    • hstde@feddit.de
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Yes but sadly that’s not what happens.

      For example there was a security researcher that found out, the official api of some political party site here in Germany was leaking user data. Instead of thanking them an mitigating the issue, the researcher got sued and it was just dropped because of the public outcry.