alt Hacker NewsHaving shell is extremely handy for further discovery. SO handy that if they were just gonna patch the bug and lock you out, you would simply not disclose it.
Having shell is extremely handy for further discovery. SO handy that if they were just gonna patch the bug and lock you out, you would simply not disclose it.
This is what happened. Tesla security received tons of bug reports that required root access to identify, yet they got a vanishingly small number of root vulnerability reports. This policy fixes that misincentive.