The thing is if you want to continue working in the industry you have to give people the benefit of the doubt and give them time to fix the issue. If you don’t do that you’re very quickly find yourself to be out of a job no one wants to lose cannon, is bad for business.
Its not even the benefit of the doubt. They still publish and name and shame at 1 month. Its just to avoid harm to the users who the security researchers are ostensibly working to protect.
This, I can totally be behind this. I take it back, no public shaming, because of the users. Couldn’t care less about the fucking proprietary driven bullshit development companies.
The thing is if you want to continue working in the industry you have to give people the benefit of the doubt and give them time to fix the issue. If you don’t do that you’re very quickly find yourself to be out of a job no one wants to lose cannon, is bad for business.
Its not even the benefit of the doubt. They still publish and name and shame at 1 month. Its just to avoid harm to the users who the security researchers are ostensibly working to protect.
This, I can totally be behind this. I take it back, no public shaming, because of the users. Couldn’t care less about the fucking proprietary driven bullshit development companies.