|
Re: Responsible disclosure practices
The standard practice for white-hat hacking is to report it to the designer discreetly, and if they don't do anything about it after a year or so, then publish on it. Don't demonstrate at an event or anything. Write up a white paper and publish it. Otherwise there is no pressure to actually fix what's broken, and if you found out about it, you can assume someone nefarious knows about it too.
|