Hacker News new | ask | show | jobs
by lolinder 451 days ago
It might be covered under an NDA with some company that she's contracting with if she/they discovered the vulnerability in the course of their work.
2 comments
devmor 451 days ago
It could also be any number of other things too, like it's severe enough that the author feels its responsible to wait for mitigation efforts before disclosing anything about the issue that could lead to it being exploited.
link
lolinder 451 days ago
The existence and phrasing of this post implies that the author doesn't trust the atop developers to fix anything in a timely manner if at all.
link
devmor 451 days ago
The developers don't necessarily have to be the ones working on mitigation efforts.
link
YetAnotherNick 451 days ago
"screams NDA" is not the same as "might be covered under an NDA". And in any case, very likely the said company has already taken mitigative action like removing atop already.
link