Re: [Full-disclosure] Fw: Earth to Facebook



The only other people that see the vulnerability are the select few in
upSploit.

OK. You should probably document that, and make it clear that this
policy will not change without the reporter's explicit consent.

It's an interesting project - but you guys are working for security
software vendors and security consultancies, so I think it's important
to clarify.

Use it once for something you may not care about to much and see how it
works for you.

Well, that's not the point - the real question is what happens with
valuable vulnerabilities. But really, I'm not criticizing.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/