I’m not sure if I would be honored or offended.

  • Chariotwheel
    link
    fedilink
    621 year ago

    Probably not for informing people about vulnerabilities, especially if they don’t publish it before talking to the government.

    You really want to reward grey hats that tell you about security issues,

    • @[email protected]
      link
      fedilink
      611 year ago

      Yes but sadly that’s not what happens.

      For example there was a security researcher that found out, the official api of some political party site here in Germany was leaking user data. Instead of thanking them an mitigating the issue, the researcher got sued and it was just dropped because of the public outcry.