Hacker News new | ask | show | jobs
by bobmcnamara 284 days ago
This seems to presume the company is ready and willing to take feedback.

Maybe things are better now.

Years ago the only contact for many companies was through customer service. "What do you mean you're in our computer? You're obviously on the phone!"
2 comments
immibis 284 days ago
Also "Oh, you hacked us? We'll call the police right away. You're going to jail." - followed by you actually going to jail for many years. Sometimes, anonymous, public, uncoordinated disclosure actually leads to the best security outcome in the long run, since security researchers in jail isn't that.
link
bobmcnamara 284 days ago
Yes. I live in a state where a journalist reported a Department of Education system leaking teacher SSNs and the governor sent state troopers after him.

Doing the right thing can be awfully unpleasant.

link
bigiain 284 days ago
> This seems to presume the company is ready and willing to take feedback.

Near the bottom of the blog post it says:

> When | What Happened

> Day 1, same day | RBI fixes everything faster than you can say "code red"

> Credit where it's due – RBI's response time was impressive.

link
bobmcnamara 283 days ago
Oops. I mean that generally my experiences have been less good
link