Wednesday, February 02, 2011

Why unsolicited reporting of vulnerabilities is a bad idea

Almost all young hackers come at some point of their hacker-life to the conclusion that finding and unsolicited reporting of vulnerabilities would be a fine idea:

The owner of the website might be thankful or even hire the young hacker to check the site further or fix the vulnerabilities.

Almost everyone in the IT-Sec-Business I know had this idea - and most of us learned the more or less hard way, that it is in fact a bad one. Not all potential customers are nice people. And be honest: Would you really hire someone who did an unsolicited hack of your infrastructure?

Some "IT-Sec-Professionals" take longer to learn their lessons - I remembered my own experiences when I read about Chris Russo and his plentyoffish-hack.

In my opinion both partys made mistakes and are leaving a really bad impression in this case. Maybe something to learn from, regardless on which side of the net you work?

Some of the comments over at slashdot are worth reading.



Voyance sérieuse par telephone said...

Thank you first of all for this great blog. I come every day including week end! Good luck.

Voyante gratuite par mail

voyance par mail gratuite said...

You clearly know so much about the subject, you’ve covered so many bases.
Great stuff from this part of the internet. Again, thank you for this blog.

voyance gratuite said...

Congratulations to the site it is very nice to be more interactive and more originale.De it has a lot of content and links.

lin said...

I'm not going in originality but your blog is so good you can not say anything other than THANK YOU!
voyance gratuite par mail

voyance par mail said...

This blog is so nice to me. I will continue to come here again and again
Good luck

sofy lefour said...

Un blog sympa que je découvre seulement !
voyance gratuite par mail

voyance serieuse gratuite said...

Your blog is really great, I come over every day and each time I find something that suits me

viajes en marruecos said...

It's awesome! Keep sharing.

rosy123 said...

C'est interessant de trouver comme ce genre de postes.
voyance gratuite par mail rapide

voyance gratuite en ligne par mail said...

Bravo pour ce superbe travail !!!

rosy123 said...

Bravo ! Votre blog est l'un des meilleurs que j'ai vu !
voyance gratuite par téléphone

rosy123 said...

Vraiment sympa ce site web
voyance gratuitement par mail

Viajes en Marruecos said...

You have made many great points here.
Tour from Marrakech To Merzouga
Week-end marrakech

voyance Email said...

Grâce à vous, j'ai pu apprendre beaucoup de choses intéressantes. J'espère en apprendre encore.

rosy123 said...

Bravo ! Votre blog est l'un des meilleurs que j'ai vu !
voyance gratuite immediate

Rosiana Monbon said...

Bonjour, bravo pour votre site, pour moi qui débute il m'est utile. Continue comme cela il est très clair. Bon courage
gay telephone

Labella Labella said...

Mille merci pour tout.
Tu es incroyable, mille bisous pour toi.

voyance email

Labella Labella said...

j ai passé un bon moments et j en ai eue plein les yeux!!!
voyance par mail gratuit