Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reporting Vulnerabilities Is For The Brave

Posted by ryuzaki0 on from the cya-first-and-always dept.

An anonymous reader writes "A recent post on the CERIAS weblogs examines the risks associated with reporting vulnerabilities. In the end, he advises that the risks (in one situation, at least) were almost not worth the trouble, and gives advice on how to stay out of trouble. Is it worth it to report vulnerabilities despite the risks, or is the chilling effect demonstrated here too much?"

1 of 245 comments (clear)

  1. Or you can get paid for it... by the_mighty_$ · · Score: 4, Informative

    I think a vulnerability can be reported anonymously quite safely

    And you can even get paid for doing it! Remember the Zero Day Initiative that was on the news a while back? They guarantee anonymity.

    --
    VI VI VI - the editor of the beast!