Honestly, it would have to do with how I feel about the organization and my circumstances. If I was truly a pauper and I was struggling to feed my family, I may try to figure out a way to exploit the situation.
Isn't there an established way to proceed that ethical security researchers have developed? Privately contact the organization responsible for the security flaw and if they don't fix it in X number of days, go public with it?
|Replies are listed 'Best First'.|
Re^2: If I were the Pauper who found a security hole that allows privilege escalation, I'd …
by ChuckularOne (Parson) on Jul 09, 2013 at 13:02 UTC