undefined | Better HN

0 pointsbeedogs8y ago0 comments

There is nothing irresponsible about disclosing huge vulnerabilities in software by any means necessary.

Edit: as usual, downvotes but no response. I miss when this place was decent.

0 comments

> as usual, downvotes but no response

The very comment you are replying do lists a reason why disclosing huge vulnerabilities without providing upstream time to patch is irresponsible: "because it puts millions of Apple customers at risk in the process."

Your comment doesn't refute the reasoning the comment you are replying to provides, and it also doesn't tell us anything about why you think "There is nothing irresponsible about disclosing huge vulnerabilities in software by any means necessary." You state your position, but offer no rationale, no reason for it; why should I accept your position as the correct or ethical thing to do?

rched8y ago

Why not? The end goal is protecting users. If disclosing a vulnerability before a company has a chance to fix it puts more users at risk than waiting how is that not irresponsible?

beedogsOP8y ago

Considering the vulnerability was supposedly brought to Apple's attention a month earlier via the "proper" channels, and considering Apple's history of repeatedly ignoring and dismissing said disclosures, I'd say this was the only correct action to take.

j / k navigate · click thread line to collapse