|
|
|
|
|
|
by lazide
282 days ago
|
|
|
Yes. The underlying problem is that knowing about the vulnerability is not an issue. Getting to the point you know about and are sure it’s a vulnerability almost certainly will implicate whoever discovered it in a CFAA crime (and those punishments are ridiculously severe for what counts as committing them in most cases). Most of these things are best done across non-cooperative international borders, just to reduce the incentive for ‘throw them in jail’ as a easy ass covering measure. |
|
|