It is now a common thing that researchers report to websites about the flaw in their product or web-site. These researchers are termed as “Gray Hats”. However care should be taken that while informing vendor about the flaw can lead to legal consequences which the hacker may have to pay for the good. An article gives a brief guideliness what the researcher can follow while reporting any bug to the vendor.

A resercher may have violet the law in the course of finding the flaw. Hence he may face legal actions (mostly from vendors who panic a lot). In such cases he should take proper care before contacting the vendor. He must note the following things : Read more »