Karl`s PC Help Forums Last active: Never
Not logged in [Login ]
Go To Bottom

In memory of Karl Davis, founder of this board, who made his final journey 12th June 2007

Printable Version | Subscribe | Add to Favourites   Post new thread Poll:
Author: Subject: Hello, Operator, Id Like To Report A Bug (In Your Company's Software)
JackInCT
Custom User Title
*******




Posts: 1484
Registered: 21-4-2007
Theme: KF Blue (Default)
Member Is Offline

Mood: No Mood

[*] Post 499276 posted on 9-11-2015 at 19:22 Reply With Quote
Hello, Operator, Id Like To Report A Bug (In Your Company's Software)



Hello, Operator, Id Like To Report A Bug (In Your Company's Software)

From Christian Science Monitor (CSM) news story (11/09/15): FYI: it's a lengthy article.

URL: http://www.csmonitor.com/World/Passcode/2015/1109/Hello-operator-I-d-like-to-report-a-bug-Why-one-company-is-offering-hackers-di rectory-assistance

Summary:
HackerOne, one of the leading bounty firms, is creating a system that will connect computer vulnerability hunters with companies that may not have formal disclosure policies (as to who in their company to speak to about the matter)....Only a handful of organizations actually had a formal policy for security researchers to call in tips...(HackerOne Staff) would have to go through hoops to try to tell companies about bugs (in their software)...(HackerOne is creating) what it calls "disclosure assistance" to a massive directory it created this summer to allow (white hat type) hackers to look up security contacts at major companies. Now, if hackers find the company they want to reach has no official disclosure policy, HackerOne will reach out to that firm directly to help determine the best way to report bugs, and provide that information back to the researchers.....94 percent of the Forbes Global 2000 the worlds largest and most powerful companies from all sectors, including the cream of the crop in finance, the auto industry, healthcare, and insurance still do not have formal channels for white hat hackers to report flaws they find to the companies....

Me Here: So major/rich companies are indifferent to flaws in their software that hackers can exploit; so this is news????
View User's Profile View All Posts By User
LSemmens
Undercover MOD
********


Avatar


Posts: 32767
Registered: 19-11-2004
Location: Riverton, South Australia
Theme: Windows XP Silver
Member Is Offline

Mood: Gone crazy, Back soo

[*] Post 499286 posted on 10-11-2015 at 01:07 Reply With Quote


They must think that they're invulnerable. Or, they can just sue the hacker.
View User's Profile View All Posts By User
Katzy
Anything you like
*******


Avatar


Posts: 7670
Registered: 23-7-2002
Theme: Coffee
Member Is Offline

Mood: Fintlewoodlewix.

[*] Post 499294 posted on 10-11-2015 at 11:14 Reply With Quote


Some companies seem to have the ethos where not acknowledging something, like that, will make it go away.
View User's Profile View All Posts By User
Post new thread Poll:

Guest Notice
You are a guest, as a guest you can only see a maximum of 3 posts per thread.

If you want to see the rest, please click here to register.