Security researchers who find a flaw in software normally privately inform the developers of it in the hope of prompting a fix, but now a mathematical trick can let them apply public pressure without releasing dangerous details of the bug
17 January 2023
A method to mathematically prove that a hacker has found a software bug, without revealing details of how the exploit works, could prevent companies from ignoring security vulnerabilities.
It is generally considered good practice for security researchers and ethical hackers who find a bug to disclose it the software’s creator before going public, giving them time to fix it. Many companies have launched bounty programmes that reward those who discover flaws in their systems to incentivise reporting and improve security.
However, things …