[Gllug] [OT] Reporting security vulnerabilities
James Pearson
james-p at moving-picture.com
Wed Sep 29 10:41:32 UTC 2010
James Courtier-Dutton wrote:
> Hi,
>
> I have discovered a security vulnerability in a large multinational's
> systems that can be exploited remotely via the internet.
> I cannot find any security contact information at the company web site
> that does not cost me money in order to report the problem.
> The company in question is Sky TV.
> I therefore do not think it worth me bothering to report it to them.
> Should I keep quiet or should I make more effort to report the problem?
Isn't there a risk that they might accuse you of 'hacking' into their
systems?
There are lots of stories out there (which may of may not be true) about
this sort of reaction by some organisations ...
James Pearson
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list