Full disclosure and the colour of ones hat

[Tim Brown <netsys () machine org uk>]

Personally, I prefer full disclosure as this is how we handle
other objectionable practices within society.  For example, we openly
discuss weaknesses in other facets of our lives despite their potential
for misuse e.g. medicine or legislation.  We also criticise those who do
not fully disclose the nature of their wares or activities e.g. tobacco
barons or politicians.  Human development relies on the ability to learn
and adapt and that in turn relies on the dissemination of information.

However, since hackers (and I use that term in its original form i.e.
those that use technology in different and unique ways) are a subset of
society, it is only to be expected that some will act in less than reputable
ways, no matter the colour of their hat.  There will be black hats that
use their 0day knowledge for harm and destruction and white hats that ride on
the coat tails of others, leaching off their peers knowledge to collect
their monthly pay check.  However, this shouldn't prevent the vast
majority of either type from working "in their own way" to improve security.

Hat colours are not the problem, some people behave well and some behave
badly - THAT is the problem.

Cheers,
Tim
-- 
Tim Brown
<mailto:netsys () machine org uk>
<http://www.machine.org.uk/>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html