For example there was a security researcher that found out, the official api of some political party site here in Germany was leaking user data. Instead of thanking them an mitigating the issue, the researcher got sued and it was just dropped because of the public outcry.
I thinks it's more about getting a gesture of gratification. Most hackers would probably get sued instead ๐
Probably not for informing people about vulnerabilities, especially if they don't publish it before talking to the government.
You really want to reward grey hats that tell you about security issues,
Yes but sadly that's not what happens.
For example there was a security researcher that found out, the official api of some political party site here in Germany was leaking user data. Instead of thanking them an mitigating the issue, the researcher got sued and it was just dropped because of the public outcry.
True, the CDU is a fossil and values apperance over progress.
I mean, they have "------ian" in the name of the party, obviously they're knuckle draggers.
Anybody named Ian: ...
cough Modern Solution GmbH cough