Could he not use a trusted intermediary though? That is, find someone to report the issue who can be entangled by ToS, will take screenshots, etc.
I suppose the biggest problem of this would be the trust part, though. :) On Mar 18, 2012 9:14 AM, "Jeffrey Walton" <[email protected]> wrote: > On Sun, Mar 18, 2012 at 8:57 AM, Ferenc Kovacs <[email protected]> wrote: > > https://www.facebook.com/whitehat/report/ ? > Its encumbered by Terms of Service. Its better to find an email > address so that (1) you are not bound by legal entanglements, and (2) > you have a written record of the correspondence. > > I'd try RFC 2142 (MAILBOX NAMES FORvCOMMON SERVICES, ROLES AND > FUNCTIONS, http://www.ietf.org/rfc/rfc2142.txt). [email protected] > and [email protected]. > > Jeff > > > On Thu, Mar 15, 2012 at 4:37 PM, J. Oquendo <[email protected]> wrote: > >> > >> Earth calling Facebook security engineers, earth calling Facebook > security > >> engineers. Tried reaching out to you guys about a vulnerability a good > >> friend discovered. No one should have to hunt you guys down in an > effort to > >> assist you with security flaws. > >> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
