Y
Hacker News
new
|
ask
|
show
|
jobs
by
RHSeeger
1396 days ago
Then they should provide a path that doesn't involve arbitrary NDAs if you're willing to forego the reward.
1 comments
tptacek
1396 days ago
That path already exists: it's called "email security@vendor, tell them what you found, ask when a patch is expected, and then tell them they have 60 days".
link