Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mstdn.io/users/wolf480pl/statuses/111779687122870644">Wolf480pl (wolf480pl@mstdn.io)'s status on Friday, 19-Jan-2024 19:28:41 JST</a><a href="https://mstdn.io/@wolf480pl" title="wolf480pl@mstdn.io"><img src="https://gnusocial.jp/avatar/6007-48-20230307202553.webp" width="48" height="48" alt="Wolf480pl" style="position: absolute; left: 0; top: 0;">Wolf480pl</a><div><a href="https://infosec.exchange/@WPalant/111776937550399546" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@WPalant">@WPalant</a> arguably, it shouldn't matter how strong the protection was. The purpose of security research is to find flaws in protections, the same flaws that could be used to do something malicious. That's the whole point. The differemce between a security researcher and a cybercriminal isn't what  protections they bypass, it's what they do after they find out that they can bypass a protection.</p><p>Do they report it to the vendor? Or exfiltrate data and sell it on black market?<br>1/</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2604356#notice-5165155">In conversation</a><time datetime="2024-01-19T19:28:41+09:00" title="Friday, 19-Jan-2024 19:28:41 JST">about 10 months ago</time> <span>from <span><a href="https://mstdn.io/@wolf480pl/111779687122870644" rel="external" title="Sent from mstdn.io via ActivityPub">mstdn.io</a></span></span><a href="https://mstdn.io/@wolf480pl/111779687122870644">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2135854">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Wolf480pl (wolf480pl@mstdn.io)'s status on Friday, 19-Jan-2024 19:28:41 JSTWolf480pl
in reply to
- Yellow Flag
@WPalant arguably, it shouldn't matter how strong the protection was. The purpose of security research is to find flaws in protections, the same flaws that could be used to do something malicious. That's the whole point. The differemce between a security researcher and a cybercriminal isn't what protections they bypass, it's what they do after they find out that they can bypass a protection.
Do they report it to the vendor? Or exfiltrate data and sell it on black market?
1/
In conversationabout 10 months ago from mstdn.iopermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice