|
|
|
|
Ask HN: How long to give a website to fix their security flaw?
|
|
3 points
by lmai
5723 days ago
|
|
|
How long should one give for a website to fix their security flow before warning their customers?
Corollary: How should it be done since I can't reach out to their customers?<p>Background:
The hack is simply changing the id variable in the url.
It's a serious bug as you can view some of my photos from my various social networks.
This could be detrimental to the VC backed company as they just did a Groupon-type deal (which is how I came to be a customer). |
|
|
If response is received wait a week or so and, again, check for the existence of the exploit.