Microsoft pledges "not to sue hackers finding security flaws on its website"

In a first for a major company, Microsoft has publicly pledged not to sue or press charges against ethical hackers who responsibly find security flaws in its online services. The promise, extended Saturday at the ToorCon security conference in Seattle, is a bold and significant move. While researchers are generally free to attack legally acquired […]

Share online:

In a first for a major company, Microsoft has publicly pledged not to sue or press charges against ethical hackers who responsibly find security flaws in its online services.

The promise, extended Saturday at the ToorCon security conference in Seattle, is a bold and significant move. While researchers are generally free to attack legally acquired software running on their own hardware, they can face severe penalties for probing websites that run on servers belonging to others. In some cases, organizations have pursued legal action against researchers who did nothing more than discover and responsibly report serious online vulnerabilities.

"This is actually really important because online services - that's our stuff," Microsoft security strategist Katie Moussouris told several hundred researchers. "The philosophy here is if someone is being nice enough to point out your fly is down, they're really doing you a favor and you should thank them rather than calling the cops and saying you're a pervert."

Full Article

Microsoft, Hacking, Hacker, Intrusion, Website, Security, Vulnerability, Exploit Lawsuit

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.