StateScoop: Reporter who notified Missouri officials of website flaw did ‘nothing out of line,’ emails show

StateScoop: Reporter who notified Missouri officials of website flaw did ‘nothing out of line,’ emails show. “The St. Louis Post-Dispatch reporter who notified Missouri officials of a website flaw that exposed public-school teachers’ Social Security numbers told the state he would hold back on publishing his discovery for up to 48 hours and provided the state with details about how he found the flaw, records obtained by StateScoop show. In doing so, he followed the widely accepted steps in disclosing a vulnerability, according to a person who wrote the international standards for vulnerability disclosure.”

%d bloggers like this: