A former CIA software engineer has been sentenced to 40 years in prison for what the government called the biggest theft of classified information in CIA history and for possession of child sexual abuse images and videos.
Disclosing found exploits allows developers to patch them out and improve security of everyone, which includes all the other alphabet boys and regular citizens.
There’s no way to know that you’re the only one who found any given exploit. Letting an exploit stay unpatched opens up an attack vector for everyone, not just you.
Disclosing found exploits to the development team is far different than exposing those exploits to unfriendly countries or in this case those that would expose state secrets.