Hi, I am wondering if security researchers are allowed to reverse engineer Ignition to look for vulnerabilities (and responsibly disclose if found). The ToS says no, but https://security.inductiveautomation.com/ mentions Pwn2Own and etc.
Thanks
Regardless of what the ToS says, reverse engineering / decompiling the artifacts is happening regularly.
I don't even know if you're really bound by any terms if you haven't purchased a license.
Just go for it.
The Digital Millennium Copyright Act has some explicit loopholes, managed by a commission, that override ordinary copyright enforceability. IIRC, security research was explicitly added to the list a few years ago. But IANAL, yada, yada.
1 Like