- If you’ve found a security problem in someone else’s project… ideal world advice… do your best to make sure they get a polite heads up before you announce it with some lead time to develop a fix. Not forever, but some. Sadly, this isn’t an ideal world, but you can call your representative(s) to make security research (and thus the whole darn internet) safer for everyone.
CRASH Space Blog Posts
https://www.eff.org/issues/coders/vulnerability-reporting-faq «https://en.wikipedia.org/wiki/Responsible_disclosure> http://howdoireportavuln.com/ https://www.cyberscoop.com/signal-desktop-remote-code-flaw/ https://security.stackexchange.com/questions/52/how-to-disclose-a-security-vulnerability-in-an-ethical-fashion https://security.stackexchange.com/questions/807/reporting-vulnerable-sites> https://stackoverflow.com/questions/667147/hacking-and-exploiting-how-do-you-deal-with-any-security-holes-you-find https://security.stackexchange.com/questions/13760/found-security-vulnerability-what-should-i-do