Selling hacks is ethical

PaulRobinson · on Nov 15, 2024

Let's suppose you are right. Why not accompany that with a proposed fix, too?

frogsRnice · on Nov 15, 2024

Don’t necessarily agree that selling hacks is ethical, but if I already spent time figuring out how to exploit a system - reporting it to the relevant place is charity. Ill do that, but Im definitely not spending time trying to fix the code if the solution isn’t immediately obvious. ++ so if you have to fight to get the bug recognised in the first place

berkes · on Nov 15, 2024

Why? And: Always?

calvinmorrison · on Nov 17, 2024

Paying for bounties is paying for exploits. That is to say, choosing not to pay for exploits is tantamount to selling your customers off for a price, the price of the bounty.

SoftTalker · on Nov 15, 2024

I actually agree, in the same way that selling lock picks or guns is ethical. They are just tools. How they are used is the responsibility of the person wielding them.

bigyikes · on Nov 15, 2024

I can think of benign uses for lock picks and guns. What is the benign use of a secret exploit?

username44 · on Nov 15, 2024

One example I can think of is the WoW private server Warmane uses an RCE to extend client functionality.

https://www.reddit.com/r/wowservers/comments/1eebxwf/warning...

SoftTalker · on Nov 15, 2024

You've never needed to get root access on an old computer when nobody knows the password?

bratwurst3000 · on Nov 15, 2024

it doesnt have to be secret. for example unlocking old phones. There are certainly people waiting for the right exploits to get access to their old wallet.