
I tried a little searching but I can't find anything that says how this all ended. Alex Stamos denied saying anything bad. But then what? It looks like it was all just dropped pretty much as is?



> But then what? It looks like it was all just dropped pretty much as is?

That usually means some money was exchanged and some NDAs were signed.


Why would Facebook NDA paying a researcher? Shouldn't they be shouting it at the top of their lungs?


From my experience working in the PR and media industry, this NDA appears to serve a key purpose: It discourages engagements/discussions on social media platforms, thus hastening this incident into irrelevancy to mainstream media, thus protecting the brand reputation and key shareholders of FB.

Security findings are never good for the share price. Therefore it is crucial for the company to take control of the narrative when possible.


From Facebook's POV the researcher behaved badly and rewarding that behavior without an NDA will encourage other researchers to behave badly.



