They're always permitted to ask, but there's nothing they can do to stop you.
Maybe it's a bit rude, but their choice not to reward foreigners under their bug bounty is also kind of rude. Neither party has much of a high ground, in my opinion.
The blog post was published half a year after KakaoTalk said they fixed the problem, that's twice as long as most people would give them.
"If you decide to write a blog post about this, we would appreciate it if you could consider masking any information that might reveal our company's identity, as a favor to us."
So what? The vulnerability was patched. I assume hiding the details only helps the company save-face.
In my last job we literally had "classes" teaching us how to deal with Asian colleagues (specifically in China, but SK has the same culture) who would try to hide things and save-face at literally any corner possible; I remember my old boss' example of "when walking down a street in Beijing, if you ask somebody directions to a street that they don't know, they will adamantly indicate that they know and it's that way (a random direction) in order to not say they don't know the true direction. I didn't personally buy the classes and saw it as a generalization and racist (unsurprising, given the manager leading this class is born and bred in Poland; not exactly known for its diversity or.. external knowledge of the world or Asia; also the majority of the team had never left the country before so had no other viewpoint or angle to base these classes on), but it just confirmed my "trust but verify" approach to things.
The relevance of my story is that if I hacked or found some security issue with the Chinese colleagues, I was instructed to not in any circumstances communicate it in a way that may make them feel like it was an issue of theirs, that their code or infrastructure or whatever was hacked: it was _our_ fault for not telling them in advance that they can't do that specific action or whatever.
> I didn't personally buy the classes and saw it as a generalization and racist (unsurprising, given the manager leading this class is born and bred in Poland; not exactly known for its diversity or.. external knowledge of the world or Asia
Did you call out a generalisation/racism only to then go on to make a generalist/racist remark about people from Poland?
"People from country X do not generally have knowledge of continent Y because nationally they take an insular approach" is not racism, it's an identification of a root-cause which for anybody that lives in Poland, is quite well known.
So basically, you're saying it's not racist if it's true? Still seems like a double standard to generalize your manager's nationality while calling his generalization of another nationality racist. Especially when you're kind of describing your manager's "racist" pointer to hold true in this context.
> The relevance of my story is that if I hacked or found some security issue with the Chinese colleagues, I was instructed to not in any circumstances communicate it in a way that may make them feel like it was an issue of theirs, that their code or infrastructure or whatever was hacked.
Non-ironically, how people even are able to collaborate with the Chinese?
> I remember my old boss' example of "when walking down a street in Beijing, if you ask somebody directions to a street that they don't know, they will adamantly indicate that they know and it's that way (a random direction) in order to not say they don't know the true direction.
That actually happened to me in Japan. And now that I have been working here for a few years... let me tell you that communication with (most) Japanese colleagues is quite difficult. They are extremely afraid of taking any kind of personal responsibility, decision processes take forever, and much like you say they don't take any kind of "blame" very well.
> Beijing, if you ask somebody directions to a street that they don't know, they will adamantly indicate that they know and it's that way (a random direction) in order to not say they don't know the true direction
I didn't find this statement to be true at all. Chinese people will just say they don't know and move on.
I think your professor lead you guys on with blatant orientalism. Sad that money was exchanged to hear his opinions.