Hacker News new | past | comments | ask | show | jobs | submit login

Yes, and WhiteHats would raise those security concerns with the company, privately, and work with them to get it solved. If the company didn't work to fix them, that's when you raise it publicly.



Not with something high-profile like banks - they should be having their security check all the time, why should someone pentest them for free?

And if clients don't know how secure their bank is, they don't really have a choice other than guessing.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: