http://www.perlmonks.org?node_id=1042761


in reply to If I were the Pauper who found a security hole that allows privilege escalation, I'd …

First of all, no "inform the Prince" option?

Honestly, it would have to do with how I feel about the organization and my circumstances. If I was truly a pauper and I was struggling to feed my family, I may try to figure out a way to exploit the situation.

Isn't there an established way to proceed that ethical security researchers have developed? Privately contact the organization responsible for the security flaw and if they don't fix it in X number of days, go public with it?

Replies are listed 'Best First'.
Re^2: If I were the Pauper who found a security hole that allows privilege escalation, I'd …
by ChuckularOne (Prior) on Jul 09, 2013 at 13:02 UTC
    Hmmm... Address it in X days or pay me $1x10^n to not go public with it.