Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: [ISN] Security experts hit out at "unethical" bugfinder

From: <halvar () gmx de>
Date: Sun, 13 Mar 2005 22:49:15 -0800
Hey all,


I don't think it is a simple as "create a market" and "effect vendor
behavior".  Its the details that matter.  Is the detail of not
automatically informing vendor one that is necessary for the market to be
economical to the broker?  Is is a requirement to modify vendor behavior?
Are their downsides to this that preclude this type of market from taking
off and really effecting the industry?


I agree fully -- the details are crucial if we want to align the
market with the general well-being. It is never enough to just "create
a market".

As long as we have broad "ethics" statements condemning _any_ sales of
vulnerability info, it is somewhat hard to talk about the details of a decent 
set-up though.

Cheers,
Halvar 
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: