List of non-honorable mentions
Posted: Thu Dec 21, 2017 11:44 pm
I'm thinking of creating a list of company websites that I do not recommend the intervention of security researchers. The criteria to be included in this list are the following:
Lack of thanks for the work and time spent;
Lack of information when the vulnerability is fixed;
Lack of response to questions;
False promises of rewards just to get the information they wanted (personally I don't force anyone to give a reward, but don't like people who make fake promises just to obtain what they wish for);
Lack of a proper treatment when dealing with security researchers
The idea is to put a pastebin link with the list in my profile.
Since this is a community, I would like to know your opinion about this, if you agree or not.
I also would like to know from the administrator if exists any rule that are against this action.
Cheers
Lack of thanks for the work and time spent;
Lack of information when the vulnerability is fixed;
Lack of response to questions;
False promises of rewards just to get the information they wanted (personally I don't force anyone to give a reward, but don't like people who make fake promises just to obtain what they wish for);
Lack of a proper treatment when dealing with security researchers
The idea is to put a pastebin link with the list in my profile.
Since this is a community, I would like to know your opinion about this, if you agree or not.
I also would like to know from the administrator if exists any rule that are against this action.
Cheers