|
|
|
|
|
|
by EricMausler
1013 days ago
|
|
|
You need permission because 1) the probing almost always involves breaking the terms of the contract you made with that company. 2) it creates a paper trail of intent 3) it's not your property so why wouldn't you need permission to access it? I am not sure how permission effects a companies ability or obligation to fix security bugs. I agree they should fix it. We can make the law that not only does the company approve of the request but they have to disclose to you additional information that can help you find bugs. Idk, point is I'm advocating for creating a system where researchers work with the company rather than as vigilantes |
|
|