| ▲ | grayhatter 5 hours ago | |
> Researchers are under no obligation to engage in coordinated disclosure and are free to sell 0day for profit. Uh... no? If you mean legally, some people might, depending on jurisdiction. But also, ethically? yes, researchers are ethically obligated to disclose responsibly. > Just fyi. ... > Be glad it was disclosed at all. Be glad a patch was available prior to release. I am glad that a patch was available. Equally I can be glad that the linux community is strong enough to respond quickly, while also being angry that this person behaves unethically. Likewise, when people in my industry behave poorly, or unethically; I'm now the person ethically obligated to both point it out, and condemn it. Not to become an apologist demanding I should be happy watching bad things happen, when much of the fallout could have been prevented with a bit less incompetence and ignorance. | ||