Ask HN: How can lawmakers better protect reporters of security vulnerabilities?
The US is again warning of potential cybersecurity attacks against the US. Hearing this, I can't help but roll my eyes and lament the way we treat those who report cybersecurity vulnerabilities.
Recently, the governor of Missouri made it a personal political goal to prosecute a "hacker" who did nothing more than view the source of a government web page. It's easy to find other cases where people are harassed, prosecuted, and sometimes jailed, after reporting a vulnerability.
I myself once discovered an apparent security vulnerability, but I just closed my browser and walked away. I didn't want to deal with the potential harassment or worse. I think many are like me.
What changes can lawmakers make to improve this situation? How can we protect those who report security vulnerabilities?
2 comments
[ 1.8 ms ] story [ 11.2 ms ] thread