[Update: Corrected title per first comment. Also, should you find any kind of vulnerability with SoylentNews, please send a description to "dev" at "soylentnews.org" and we'll address it as soon as possible. --martyb]
Submitted via IRC for AndyTheAbsurd
Almost a quarter of hackers have not reported a vulnerability that they found because the company didn't have a channel to disclose it, according to a survey of the ethical hacking community.
With 1,698 respondents, the 2018 Hacker Report, conducted by the cybersecurity platform HackerOne, is the largest documented survey ever conducted of the ethical hacking community.
In the survey, HackerOne reports that nearly 1 in 4 hackers have not reported a vulnerability because the company in question lacks a vulnerability disclosure policy (VDP) or a formal method for receiving vulnerability submissions from the outside world.
Without a VDP, ethical, white-hat hackers are forced to go through other channels like social media or emailing personnel in the company, but, as the survey states, they are "frequently ignored or misunderstood".
But that means that three-quarters DO, which I guess is good news. Or at least not bad news.
(Score: -1, Offtopic) by Anonymous Coward on Thursday January 18 2018, @09:04PM (1 child)
Those are OKish hackers.
The bad ones use the holes to make ransomware.
The good ones support America. They sell to the NSA, CIA, Army, and Air Force.
The really good ones, better than me, freely give to the NSA, CIA, Army, and Air Force.
(Score: 0) by Anonymous Coward on Thursday January 18 2018, @09:58PM
Lol, this guy patriots.