2 comments

[ 3.2 ms ] story [ 15.8 ms ] thread
> No one may “collect, sell or publish information on network product security vulnerabilities,”

So you cannot even inform the general public that, for example, a widely used consumer product has a critical vulnerability?

Yes, the only path is open through the manufacturer, which otherwise would lead to hurting themself.