Or maybe snake oil is the wrong term. I don’t know if there’s a term for someone who warns others and they never listen, because it seems no matter how much you break into buildings and expose the flaws, hack a bank’s transaction, or infiltrate a database, the company will thank you, pay you a few hundred thousand dollars, then do nothing to change.
Essentially it just seems like I’m helping big companies bypass regulations by rubber stamping their pinky promises to change. I guess internal security auditing might be a little better, but I don’t know
Have not done it, but I've followed a couple of these through the years. A couple rules for success seem to be:
Basically, use the money to fund projects that make the world better around you. Don't buy a ferrari.