undefined | Better HN

0 pointslolinder1y ago0 comments

It might be covered under an NDA with some company that she's contracting with if she/they discovered the vulnerability in the course of their work.

0 comments

devmor1y ago

It could also be any number of other things too, like it's severe enough that the author feels its responsible to wait for mitigation efforts before disclosing anything about the issue that could lead to it being exploited.

lolinderOP1y ago

The existence and phrasing of this post implies that the author doesn't trust the atop developers to fix anything in a timely manner if at all.

devmor1y ago

The developers don't necessarily have to be the ones working on mitigation efforts.

YetAnotherNick1y ago

"screams NDA" is not the same as "might be covered under an NDA". And in any case, very likely the said company has already taken mitigative action like removing atop already.

j / k navigate · click thread line to collapse

0 comments

devmor1y ago

lolinderOP1y ago

The existence and phrasing of this post implies that the author doesn't trust the atop developers to fix anything in a timely manner if at all.

devmor1y ago

The developers don't necessarily have to be the ones working on mitigation efforts.

YetAnotherNick1y ago

"screams NDA" is not the same as "might be covered under an NDA". And in any case, very likely the said company has already taken mitigative action like removing atop already.

j / k navigate · click thread line to collapse