|
|
|
|
|
|
by autalpha
5472 days ago
|
|
|
True story that happened to me: while trying to look up information for a restaurant reservation, I found some security issue that would redirect user to an obscure host name. I think it was an issue of bad DNS setup with their web hosting provider. In any case, being the helpful and detail-oriented web guy, I sent their head quarter's team an email with the detail of what's wrong and a solution that should fix it. I got an email from them the next morning, and since I started my email with "While I was looking up information for a reservation..." the person arranged the reservation for me. So I thought that was that. But after the meal was done, the owner came out and thanked me personally and took care of all our drinks. And since it was a Brewery/restaurant, the beer tasted a bit sweeter :) I've also sent another email to a small online belt buckle shop to notify them of the insecure way they were setting up Paypal on their site (again, the steps to reproduce the problem and steps to fix it). The owner emailed me back to thanked me as well as taking care of the order personally. You know, most people are just happy that you are giving them some help. Being in the hacking community, I would imagine that everyone is the same here--most of us are (overly) helpful individuals. It's in our genes. So don't fight it and do the nice thing of sending them the steps to reproduce the problem and ways you can fix it. If you feel that you should protect your anonymity, do it. But do notify them :) If one of these days, when I make an obvious security problem, I would hope, that one of us here would shoot me an email so I can fix it immediately. And I will promise to do the same. |
|
|