Y
Hacker News
new
|
ask
|
show
|
jobs
by
0x0
43 days ago
Dropping a public exploit on github before distros have patches available isn't very cool, or is that just how veterans roll these days?
3 comments
tptacek
43 days ago
There is no one accepted set of norms on disclosure. Any strategy you take, someone will criticize.
link
akerl_
43 days ago
I don’t know if “cool” is the word I’d use, but there isn’t an established “right” way to disclose a vulnerability that you found outside of a contracted security review or other employment/contracting arrangement.
link
john_strinlai
43 days ago
mainline was patched a month ago
link