Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But not all real security issues are reported by a competent person, or by someone who has even a vague idea what the true nature of the bug is; ignoring reports for not making sense on their face is dangerous. Some companies feel they have a duty to do due diligence...

http://blogs.msdn.com/b/oldnewthing/archive/2011/12/15/10247...

(I've never been on the receiving end of a security mailbox, so I have no personal testimony as to the reasonableness of this approach.)



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: