I’ve read about this before and what I don’t understand about these corporations is: why get pissed off? If you keep failing to secure things after flaws have been pointed out why not offer the security researcher a job? Not that they’d necessarily want the job — but why not try to be productive rather than have a bitch-ass attitude about it?
I don’t get it either. imagine instead of cybersec this was an everyday interaction.
“Hey Phil, I think your fly is down. I can see one of your balls peeping out.”
“PHIL WHY WOULD YOU POINT THAT OUT TO ME. EVERYONE IN THE OFFICE WILL SEE MY BALLS NOW THAT YOUVE POINTED IT OUT. NO ONE COULD SEE IT BEFORE WHY WOULD YOU DO THIS TO ME???”
A tale of two Phils
In my defense I was half asleep LOL
but why not try to be productive rather than have a bitch-ass attitude about it?
Because doing work is effort spent on not wasting money on bonuses, especially when public image, thus shareholders, is involved.
You should look at the original post from the security researcher. He used an employees login to access internal MCD software, defaced stuff for a short time, etc.
Of course MCD didn’t take that well.
Good on him.
