[development] Irresponsible security researcher
andrewberry at sentex.net
Wed May 13 15:00:14 UTC 2009
On 12-May-09, at 9:22 PM, Karoly Negyesi wrote:
> This guy believes in full disclosure so much he discloses everything
> he finds instead letting us fix and disclose.
Did he report this issue? http://justin.madirish.net/node/339. I still
seems exploitable. I see he's been credited for SA's in the past. It's
a shame that the noise from him is drowning out the real issues he's
If there are a sizeable number of issues on his site which he hasn't
reported, any idea how much of a backlog this will create for the SA
team? Since the exploits are public, perhaps we should organize to go
through his site and figure out what is still exploitable.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2672 bytes
Desc: not available
More information about the development