Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> In the software development / security world, someone reporting a vulnerability to you is one of the greatest things one human can do for another.

Depends on context. When it's a knowledgeable user reporting the issue, you're right.

What I mostly encounter are for profit "security researchers" who try to profit on fear and/or misunderstanding.



Yes. As someone who spent years on the receiving end of these, I'd change my original post to be about "real" vulnerabilities, not the results of automated scans.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: