-
nandoodles OpenWebHQ SecureWithHUMAN Bug bounties usually don't preclude the person or org claiming them from talking about the issue, they mostly just state a period after initial reporting that they ask people to withhold reporting on the issue so that they have time to fix it.Permalink On twitter.com
Mood 0
-
nandoodles OpenWebHQ SecureWithHUMAN Usually the folks who claim a bug bounty write all about it after giving the organization with the issue a deadline to resolve it, whether or not they do (and sometimes they don't)Permalink On twitter.com
Mood +2 🙂
-
nandoodles OpenWebHQ SecureWithHUMAN We've been talking a lot about independent auditing of ad tech & its ecosystem, but no one has really established good incentives to do so, it would be interesting to think thru how that might work. Perhaps the massively expensive certification folks should be made to throw in.On twitter.com
♻️ 1 Retweets
❤️ 1 Favorite
Mood +4 🙂