|
|
|
|
|
|
by syntonym
2621 days ago
|
|
|
Responsible disclosure is about not enabling third parties to leverage the disclosure to gain access. In this case the hacker did not disclose the security holes before they were closed for third parties (i.e. the hacker could only still access the hosts because he had access to the them in the past, new access was (hopefully) not possible anymore). Which of course doesn't mean that the hacker should have just send an email to the matrix team. |
|
|