|
|
|
|
|
|
by NotSammyHagar
2308 days ago
|
|
|
It should be guaranteed at this point that there are zero days in both main cellphone platforms, apparently an endless number. They keep coming out, there is so much value in them commercially. I want to push a view and wish it was more widespread in the software world that finding zero days and not reporting them responsibly (like time to fix by the vendor before publication) is unacceptable. The second part of this view is that it is immoral to work at a company where you find zero days and exploit them. Working at the companies that find these and end up selling them to dictatorial regimes, secret police, as well as to the Harvey Weinstein's of the world is wrong. As a software engineer in a western country I'm fortunate to have some choice in my employers, as many of us do. My choices have some reflection on my character - and like everyone else, I'm hardly perfect myself. There are legal and illegal activities, and companies hide behind "we only sell to countries where it's legal". It's still immoral and wrong, and I don't want to work with immoral developers. Doing this kind of stuff is not the ultimate scarlet letter - but if you are working this field, please consider the impact of your actions. |
|
|