If true, that means a news publisher got advanced notice, and not some operating systems vendors.

"Responsible disclosure" is anything but responsible.

Follow

^ personally, i am of the opinion that full disclosure best disclosure.

if bug bounties could give, instead of money or swag, useful knowledge, no matter how old (src, internal docs, build artifacts with private symbols, stuff like that which *should be* the currency of infosec); then i'd maybe reconsider. unfortunately that's not likely to happen in an era where such things are called Imaginary Property, given imaginary values, and hoarded instead of preserved.

· · Web · 0 · 0 · 1
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!