Technology News

#1 (permalink)

An anonymous reader asks: "I recently found a major security flaw through serendipitous independent research. I do not want to go into details, but it could be used against certain companies and have a large negative financial impact. However, I have no wish to use this for malicious purposes, and would rather profit by helping the company fix the problem. Seeing as many researchers have been persecuted/prosecuted lately for public disclosure, what is the best way to go about informing the company and agreeing on an appropriate fee for my services, without having it look as though I am trying to extort them?"</img>


Read More About: Informing a Company of a Security Discovery?...

#2 (permalink)

Sadly it's such a touchy issue. While you may be honestly trying to help a company by informing them of the holes in their security there's just as much chance of them accusing you of hacking into their system and alerting the authorities.

It's sad because the word hacker is now associated with crime instead of with intellectual curiosity and creative problem solving, which is more in line with what the word really means.

I know if someone alerted me to a flaw in my site that could potentially lead to something malicious I would thank the person who let me know and ask if they could help me fix the hole. It's a shame that many companies would take the opposite stance.

__________________
l Search Engine Friendly Web Design |
Please login or register to view this content. Registration is FREE

l Tips On Marketing, SEO, Design, and Development |
Please login or register to view this content. Registration is FREE

l
Please login or register to view this content. Registration is FREE
|
Please login or register to view this content. Registration is FREE