Y
Hacker News
new
|
ask
|
show
|
jobs
by
lobotryas
2615 days ago
Agreed. CFAA makes these kind of disclosures stupid-risky in USA. If the company has a bug bounty program then MAYBE disclose. You only stand to lose by trying to be a good samaritan otherwise.