Hacker News new | past | comments | ask | show | jobs | submit login

I think they're asking for a source on the specific claim about Microsoft employees selling bugs on the black market, which is what I would also like to see.

I don't need to be convinced that security bugs should be on a need-to-know basis during the responsible disclosure period, that seems obviously prudent. Anyone not working specifically on security can learn about the details at the same time as the wider public.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: