| ▲ | akerl_ 6 hours ago |
| > maybe even criminal What’s your theory here? What crime? |
|
| ▲ | holowoodman 4 hours ago | parent | next [-] |
| Exploits are sold and used as weapons, sometimes even weapons of war. Which in many places is criminal, except under very restrictive circumstances. Also, all kinds of aiding and abetting. |
| |
| ▲ | akerl_ 4 hours ago | parent [-] | | What does that have to do with this comment thread? Copying from the comment I was replying to: > But publishing a working exploit together with the disclosure before patches are available is really really irresponsible, maybe even criminal |
|
|
| ▲ | michaelmrose 6 hours ago | parent | prev [-] |
| If it's not a crime I see no reason not to work with partner nations to build responsible disclosure into a legal framework everywhere because it pretty obviously should be. |
| |
| ▲ | akerl_ 6 hours ago | parent | next [-] | | If you wanted to somehow make coordinated disclosure into a legal framework, that would be an interesting and complex project. But it’s not the law anywhere I’m aware of today, and I’d not support it becoming a law. | |
| ▲ | jodrellblank 5 hours ago | parent | prev [-] | | You know companies are allowed to pay people to find vulns, and pay people bug bounties? Instead of that, you’d rather make the law compel free individuals to limit their speech, or to hand over their work to big companies privately, so big companies can save money? That doesn’t sound like a nice future, if it’s even enforceable at all. |
|
