tmsr - Search: responsible disclosure

asciilifeform: i think 'professional' is tardcode for 'responsible disclosure' and general usg-fellatio

asciilifeform: the only responsible, in actuality, disclosure, is one that deals maximal damage to the fucking great satan.

douchebag: Aside from that, I don't really see what's bad about a responsible disclosure policy. I don't believe that asking people to not fuck your shit up in exchange for payment is too much to ask

asciilifeform: douchebag: https://www.hackerone.com/disclosure-guidelines << 'responsible disclosure'ism, payment in kycolade, etc crapola

a111: Logged on 2018-05-14 13:30 asciilifeform: ^ pretty lulzy prehistory -- usg is burning the vuln in the most traditional way, complete with 'responsible disclosure'ism and a boeck-style 'researcher' ; nao spinning in every propaganda organ in unison as 'pgp broken!'

BingoBoingo: <asciilifeform> ^ pretty lulzy prehistory -- usg is burning the vuln in the most traditional way, complete with 'responsible disclosure'ism and a boeck-style 'researcher' ; nao spinning in every propaganda organ in unison as 'pgp broken!' << Apparently @hanno has a take on this too that sums to the rest of the party line "who could be using this with hygeine?"

asciilifeform: ^ pretty lulzy prehistory -- usg is burning the vuln in the most traditional way, complete with 'responsible disclosure'ism and a boeck-style 'researcher' ; nao spinning in every propaganda organ in unison as 'pgp broken!' ☟︎

asciilifeform: ( which , yes, is what 'responsible disclosure' is, no exceptions )

asciilifeform: for instance 'responsible disclosure' ( i.e. if you find a bug, report to usg first )

mimisbrunnr: Logged on 2018-03-22 19:33 ben_vulpes: oh and twist, douchebag skip the responsible disclosure fingertrap and fuck 'em hard.

ben_vulpes: oh and twist, douchebag skip the responsible disclosure fingertrap and fuck 'em hard.

asciilifeform: !#s responsible disclosure

asciilifeform: the 3 or 4 people on the planet who can actually SELL 0days , knowing they'll be paid 1) know who they are 2) wouldn't even cough and spit for a mere 500 , esp if paid in taxolade 3) don't deal with 'uber' et al, or any 'responsible-disclosure'-pushing usg.tentacle , not for promises of three kingdoms and five princesses

ben_vulpes: asciilifeform: look when there's actual even halfway sorta (((cryptocurrency))) involved, no responsible disclosure will ever happen

a111: Logged on 2015-12-20 17:54 asciilifeform: didn't we do a 'responsible disclosure'-is-for-idiots thread ?

asciilifeform: !#s responsible disclosure

asciilifeform: 'responsible disclosure' == aid and comfort to enemy

asciilifeform: 'responsible disclosure' shitsackery. ☟︎

asciilifeform: rm that had "shorted" St. Jude's stock on the information in order to profit from a drop in the stock's value. The researchers at the security firm MedSec chose to take this route to disclosure, MedSec CEO Justine Bone said, to "ensure that St. Jude Medical responds appropriately and with urgency." The partnership with a short-seller is a fundamental departure from the established approach of responsible disclosure normally taken by

mircea_popescu: 18* adlai wonders whether the low price tag of responsible disclosure stems from the glass cannon nature << doesn't seem glass cannon-y at all, with any patience you could have hijacked some "notable" accounts made them do some funky shit.

assbot: Logged on 09-03-2016 19:25:33; *: adlai wonders whether the low price tag of responsible disclosure stems from the glass cannon nature of indiscretionary usage

adlai wonders whether the low price tag of responsible disclosure stems from the glass cannon nature of indiscretionary usage ☟︎

assbot: Anand Prakash : [Responsible disclosure] How I could have hacked all Facebook accounts ... ( http://bit.ly/1LRwXJU )

assbot: Logged on 06-07-2015 01:24:01; mircea_popescu: "you wanted to benefit from responsible disclosure protections, you should have been in the wot" "but at the time i made that decision it seemed a no brainer, why expend the effort" "right. this is why you die."

asciilifeform: didn't we do a 'responsible disclosure'-is-for-idiots thread ? ☟︎

asciilifeform: http://www.troyhunt.com/2015/07/heres-how-im-going-to-handle-ashley.html << watch the 'responsible disclosure' twerps stuff head farther than ever thought possible up own arse

mircea_popescu: "you wanted to benefit from responsible disclosure protections, you should have been in the wot" "but at the time i made that decision it seemed a no brainer, why expend the effort" "right. this is why you die." ☟︎☟︎

assbot: ADD / XOR / ROL: Why are most researchers not a fan of standards on "responsible disclosure" ... ( http://bit.ly/1D9Osia )

BingoBoingo: robwhiz22: If you thing your solicitation reveals flaws, public disclosure is the responsible thing to do

mircea_popescu: and moreover... the product is not deployed. any disclosure is responsible by definition

mike_c: how can you say it would not be responsible disclosure when that is exactly what the manufacturer is asking you to do.

robwhiz22: It would not be responsible disclosure if I were to pastebin the rest of hte email here.