Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/tinker/statuses/113556138656124492">Tinker ☀️ (tinker@infosec.exchange)'s status on Thursday, 28-Nov-2024 02:40:59 JST</a><a href="https://infosec.exchange/@tinker" title="tinker@infosec.exchange"><img src="https://gnusocial.jp/avatar/15377-48-20231112082554.webp" width="48" height="48" alt="Tinker ☀️" style="position: absolute; left: 0; top: 0;">Tinker ☀️</a></section><article><p>Soooooo I found a massive vulnerability today, the day before Thanksgiving. </p><p>Buuuuuuut it's looks like its existed for a couple of years.</p><p>So, should I report it RIGHT NOW!!!! The day before thanksgiving? Or wait until next week.</p><p>On one hand, they'll have to react to it as its huge. And it could interrupt their time with family and a major holiday.</p><p>On the other hand, it's been around for so long, what's another couple of days going to change anything?</p><p>On the third hand, if this gets exploited over the holiday weekend, it's on me and could affect even more people.</p><p>Hmmmmmmm.... choices choices. </p><p><a href="https://infosec.exchange/tags/infosec" rel="tag">#infosec</a> <a href="https://infosec.exchange/tags/pentesting" rel="tag">#pentesting</a> <a href="https://infosec.exchange/tags/risk" rel="tag">#risk</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4081878#notice-7975742">In conversation</a><time datetime="2024-11-28T02:40:59+09:00" title="Thursday, 28-Nov-2024 02:40:59 JST">about 7 months ago</time> <span>from <span><a href="https://infosec.exchange/@tinker/113556138656124492" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@tinker/113556138656124492">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/420440">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Tinker ☀️ (tinker@infosec.exchange)'s status on Thursday, 28-Nov-2024 02:40:59 JST Tinker ☀️
Soooooo I found a massive vulnerability today, the day before Thanksgiving.
Buuuuuuut it's looks like its existed for a couple of years.
So, should I report it RIGHT NOW!!!! The day before thanksgiving? Or wait until next week.
On one hand, they'll have to react to it as its huge. And it could interrupt their time with family and a major holiday.
On the other hand, it's been around for so long, what's another couple of days going to change anything?
On the third hand, if this gets exploited over the holiday weekend, it's on me and could affect even more people.
Hmmmmmmm.... choices choices.
#infosec #pentesting #risk
In conversationabout 7 months ago from infosec.exchangepermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice