Jump to content

How reporting a vulnerability could get you in trouble


cooper

Recommended Posts

http://www.cerias.purdue.edu/weblogs/pmeun...es-law/post-38/

Just found this on Slashdot.

Student approaches teacher with a vulnerability on a commercial website. Teacher reports to site, they fix it but get hacked shortly thereafter. In the following police investigation the teacher is a suspect and is asked (well, threatened might be the better word here) to reveal the name of the student that found the original vulnerability.

Spooky stuff.

Link to comment
Share on other sites

The point is more that it's ludicrous it's come to this.

Put yourself in the shoes of the company though. Think like them for a second and you'll understand why. If you systems get exploited, you turn over every stone to find out why.

Link to comment
Share on other sites

dude, that like my school, I basicly handed then a list of all thier paswords cuz they used lm, which is retarded. I also showed then how I can just do a net user /ADD and htye gave me 3 days suspention, can you say fucken DDoS

Link to comment
Share on other sites

  • 1 month later...

I have done similar things at my school (found vulnerbilitys in the network, etc.). Fortunately, it seemed that as long as you worked with the computer teachers on fixing the problem, you never found yourself in any trouble. Either that or my teachers liked me or something... *shrug*. Anyway, i feel bad for the guy. I understand that companys HAVE to do what they can, they just shouldnt be blaming anyone.

Link to comment
Share on other sites

I think the best approach is to use their own poison against them. Find some flashy lawyer who wants to make his/her name "fighting against big bad corporations" then have your lawyer sue the shit out of that company for harrasment and get every newspaper, magazine, news talk show and radio talk show on your side in the process.

Fuck em, enough people want to have it out for these big companies, mine as well use it in your favor.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...