Full Disclosure mailing list archives
"responsible disclosure" explanation
From: Georgi Guninski <guninski () guninski com>
Date: Fri, 5 Aug 2005 15:50:23 +0300
here is what "responsible disclosure" means: according to: http://www.theregister.co.uk/2005/07/29/cisco_settles_rogue_researcher_dispute/ "Cisco's actions (regarding) Mr. Lynn and Black Hat were not based on the fact that a flaw was identified, rather that they chose to address the issue outside of established industry practices and procedures for responsible disclosure," the term "responsible disclosure" is a corporate instrument for trying to shut people up. i doubt the "responsible" argument will stand in a non-us court. also challenge the fact that this is "established industry practice". the net result of the cisco gate is the info is out there and cisco is resetting luser's password. check the flames about the responsibility rfc, which got ditched by the IETF. note: i don't promote neither disclosure, nor non-disclosure - everyone choses for themselves. -- where do you want bill gates to go today? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- "responsible disclosure" explanation Georgi Guninski (Aug 05)
- Re: "responsible disclosure" explanation Florian Weimer (Aug 08)
- Re: "responsible disclosure" explanation Georgi Guninski (Aug 08)
- Re: "responsible disclosure" explanation Jason Coombs (Aug 08)
- Re: "responsible disclosure" explanation Jason Coombs (Aug 08)
- Re: "responsible disclosure" explanation (an example of the fallacy of idealistic thought) Matthew Murphy (Aug 08)
- Re: "responsible disclosure" explanation (an example of the fallacy of idealistic thought) robert (Aug 09)
- Re: "responsible disclosure" explanation (an example of the fallacy of idealistic thought) Florian Weimer (Aug 11)
- Re: "responsible disclosure" explanation Georgi Guninski (Aug 08)
- Re: "responsible disclosure" explanation Florian Weimer (Aug 08)
- <Possible follow-ups>
- Re: Re: "responsible disclosure" explanation Daniel H. Renner (Aug 09)