[WrtCdEvrydy]

> pen test authorization requirements

Yes, we don't want people to publicize when we fuck up so we'd rather just NDA them to death when they tell us about bugs.

Edit: If you don't accept, we just use the hacking laws in the US to silence you.

[lawnchair_larry]

Well, you’re not entitled to conduct attacks on them at all, so why shouldn’t the terms be up to them?

[Drdrdrq]

This sounds.. awful. I'm sure there are reasons, but hiding information this way makes you seem incompetent and unsure of yourself (you as Amazon, not you personally) in my eyes.

Edit: I assume you are speaking as employee of Amazon of course, which is not necessarily true.