• S410
    link
    fedilink
    510 months ago

    Disclosing found exploits allows developers to patch them out and improve security of everyone, which includes all the other alphabet boys and regular citizens.
    There’s no way to know that you’re the only one who found any given exploit. Letting an exploit stay unpatched opens up an attack vector for everyone, not just you.

    • Kalkaline
      link
      fedilink
      English
      110 months ago

      Disclosing found exploits to the development team is far different than exposing those exploits to unfriendly countries or in this case those that would expose state secrets.