Jeff Chandler
but I haven’t seen anybody disputing that it was an obvious vulnerability.
Why does it matter whether it was obvious or not? If it was so obvious, then why wasn’t it fixed, in which case none of this would have ever happened?
It doesn’t matter to me how small or obvious a security issue is; if it’s publicized without a fix in place for users to take advantage of, it makes the person publicizing it the villain. Besides, who gets to decide whether or not something is so obvious that full disclosure wouldn’t do any further damage?
I read the comments on her blog, her post, and some posts linking to her posts, and my post was the opinion that how this went down should not be considered standard procedure, with a request to others who may end up in the same position to give the vendor some time before raising hell about it. It’s great that she reported it to the vendor instead of taking full advantage of it, but at the same time, this situation presents a few opportunities to learn what NOT to do.
I mean, if she waited 48-72 hours, who knows if this post would have ever been written.