Reporting Vulnerabilities Is For The Brave
An anonymous reader writes "A recent post on the CERIAS weblogs examines the risks associated with reporting vulnerabilities. In the end, he advises that the risks (in one situation, at least) were almost not worth the trouble, and gives advice on how to stay out of trouble. Is it worth it to report vulnerabilities despite the risks, or is the chilling effect demonstrated here too much?"
When vulnerabilities are outlawed, only outlaws will use vulnerabilities.
I recently figured out a fairly anonymous method of reporting vulnerabilities for a cost of only $0.39. Send SASE for details.
Intron: the portion of DNA which expresses nothing useful.