|
|
|
|
|
|
by ClumsyPilot
1024 days ago
|
|
|
> In that scenario I would MUCH rather the company ...
notfiy me ... provide updates.. Here is the problem - the company does not give a crap. You get robber, and it's their fault? They don't care. But they will sue the researcher, because the researcher has discovered that it's their fault you got robbed. |
|
|
And the ones that don't create a paper trail of not giving a crap
The researcher is protected from being sued by being granted permission and following any regulations created for ethical security research.
We can make security notifications from companies mandatory. Now if they try to hide something, and it comes out later, there is documentation of the cover up