Granted it looks like they had a policy but it's possible that not many people were aware of it. I don't know anyone that reads the lengthy ToS or policy documents of companies they deal with and they didn't seem to…
Looks like they had a quiet policy on it from mid 2010. It didn't seem to get much fanfare until about a year later when it became common public knowledge. I guess it's possible both are lying or neither of them.
http://news.ycombinator.com/item?id=3605343 I manage Facebook's Whitehat program (https://www.facebook.com/whitehat). We have taken an incredibly open stance towards security researchers and welcome the contributions…
Granted it looks like they had a policy but it's possible that not many people were aware of it. I don't know anyone that reads the lengthy ToS or policy documents of companies they deal with and they didn't seem to…
Looks like they had a quiet policy on it from mid 2010. It didn't seem to get much fanfare until about a year later when it became common public knowledge. I guess it's possible both are lying or neither of them.
http://news.ycombinator.com/item?id=3605343 I manage Facebook's Whitehat program (https://www.facebook.com/whitehat). We have taken an incredibly open stance towards security researchers and welcome the contributions…