Linked by Thom Holwerda on Tue 28th Jun 2011 22:16 UTC
Apple With all the news about Anonymous, LulzSec, Anti-Sec, and so on, you'd almost forget there are more ethical hacking groups out there as well. One such group, YGN Ethical Hacker Group, informed Apple of several weaknesses in its developers website on April 25. Apple acknowledged the flaws, but so far, hasn't done anything about them. YGN Ethical Hacker Group has now stated they will fully disclose the vulnerabilities if Apple doesn't fix them in the coming few days.
Thread beginning with comment 478989
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Responsible?
by pantheraleo on Tue 28th Jun 2011 23:33 UTC in reply to "Responsible?"
pantheraleo
Member since:
2007-03-07

Do you then run an ad in the national newspaper effectively telling all the crooks who they can burgle and how to do it?


Yes? At least that's what I would do. If they won't fix a security concern, I will widely publicize it to force them to fix it.

Edited 2011-06-28 23:33 UTC

Reply Parent Score: 3

RE[2]: Responsible?
by ourcomputerbloke on Tue 28th Jun 2011 23:38 in reply to "RE: Responsible?"
ourcomputerbloke Member since:
2011-05-12

Yes? At least that's what I would do. If they won't fix a security concern, I will widely publicize it to force them to fix it.


And if they were burgled would you accept that you are an accessory to the crime? I'm no lawyer but I suspect that's the way it would be viewed...

Edited 2011-06-28 23:39 UTC

Reply Parent Score: 1

RE[3]: Responsible?
by Thom_Holwerda on Tue 28th Jun 2011 23:45 in reply to "RE[2]: Responsible?"
Thom_Holwerda Member since:
2005-06-29

"Yes? At least that's what I would do. If they won't fix a security concern, I will widely publicize it to force them to fix it.


And if they were burgled would you accept that you are an accessory to the crime? I'm no lawyer but I suspect that's the way it would be viewed...
"

And if they were burgled, but the damage could've been greatly limited had you informed account holders?

Reply Parent Score: 2

RE[3]: Responsible?
by pantheraleo on Tue 28th Jun 2011 23:46 in reply to "RE[2]: Responsible?"
pantheraleo Member since:
2007-03-07

And if they were burgled would you accept that you are an accessory to the crime? I'm no lawyer but I suspect that's the way it would be viewed...


Standard "This is provided for informational purposes only. We assume no responsibility for how this information is used, etc." legal disclaimer applies. Not sure it would hold up. But then again, it's not like you are going to use your real name or make it easy for the feds to find you if you share information with a newspaper about how to rob a bank.

Reply Parent Score: 2

jabbotts Member since:
2007-09-06

In these cases, the civilian public is the last to know. If Hackers (ethical) discoved the issue, you can be sure that Crackers (unethical) have also discovered it. They are not publicizing something that criminals do not already know about.

If I can see how one might break in through your back door, you can be sure that burgler's have also noticed this.

Reply Parent Score: 2