undefined | Better HN

0 pointsjachee8y ago0 comments

So, if if find a security bug with your product, you prefer that I publish it directly to twitter as a 0-day?

0 comments

Yes. Ideally you would also ping me in your public release, so I know whom to pay. Because that would also for be the users benefit to know to either fix, firewall, or not use until software is deployed.

I've seen the dark side where this leads. It leads to BTC transactions and 0days bought and sold. That's the worst, further past scrappy company sitting on exploits.

I strongly believe in transparency. It empowers users and admins more than any other option out there.

j / k navigate · click thread line to collapse

0 comments

crankylinuxuser8y ago

I've seen the dark side where this leads. It leads to BTC transactions and 0days bought and sold. That's the worst, further past scrappy company sitting on exploits.

I strongly believe in transparency. It empowers users and admins more than any other option out there.

j / k navigate · click thread line to collapse