[Xelbair]

no bug bounty, onto black market of exploit it goes.

that or full public disclosure.

[LadyCailin]

I wonder how worried they would get if more people actually started selling exploits on the black market, instead of reporting and not getting a bug bounty. If you don’t offer a bug bounty program in the first place, my gut feeling is that they probably wouldn’t care in that case either. Either way, this is a super good reason to not do business with such a company.

[NooneAtAll3]

I wonder if centralized "sell program vulnerabilities here" government shops can be set up

While intelligence agencies are an obvious benefitiary, this would also give leverage of government over capital

[Xelbair]

if the fire it lit under them, after their software leads to widespread hack - they will care.

that's the point - to put pressure on them to CARE.

[hypercube33]

Maybe something for gamers Nexus to light a fire