I knew eventually companies would turn on bug bounty programs. We went long enough for the collective memory of management to forget the chaos of Full Disclosure and the absolute hell of playing patch...
@nprofile1q... yeah I've been wondering what legal case MS have here, it's not like any other reporting of faulty things (eg construction) is criminal, and at what point is disclosure actually just journalism and covered by journalistic privileges?
1