alt Hacker NewsJust to play devil's advocate, couldn't sending zero-day exploits to a foreign nation's intelligence service potentially cause the sender significantly more trouble.
Replies
paulryanrogers • today at 11:32 AM
Because... your home country or affected company could consider it espionage? Sounds like a stretch.
johnbarron • today at 1:15 PM
It depends on the country apparently:
"Israel reached out to US hackers for ‘Zero Days’ tools" - https://www.timesofisrael.com/israel-reached-out-to-us-hacke...
Finland is a NATO country, so for most people on this site you would be sending it to a government agency of an allied nation. Punishing that would make it look like you don't trust your allies
The other angle is that you are obviously doing it in good faith, on the assumption that they will try to work with the vendor to fix and responsibly disclose the vulnerability