Full Disclosure mailing list archives
Seeking comment on disclosure articles
From: Shawna McAlearney <SMcAlearney () cxo com>
Date: Fri, 12 Jan 2007 07:46:37 -0500
Vulnerability Disclosure: Where Do You Stand? If you see a glaring security hole in a sensitive application, what will you do? Will you notify the developer? The users? Other hackers? Sometimes it's best not to be the good Samaritan. Read about "The Chilling Effect" and also find out why Bruce Schneier thinks full and open disclosure is a "damned good idea" while Marcus Ranum says disclosure of vulnerabilities is a marketing ploy by vendors that was never really designed to further security and has only succeeded in fostering a "grey-market economy in exploits." Do you think disclosure only aids attackers? http://www2.csoonline.com/exclusives/column.html?CID=28088
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Seeking comment on disclosure articles Shawna McAlearney (Jan 12)
- Re: Seeking comment on disclosure articles Ben Bucksch (Jan 12)
- Re: Seeking comment on disclosure articles Valdis . Kletnieks (Jan 12)
- Re: Seeking comment on disclosure articles Pavel Kankovsky (Jan 14)
- Re: Seeking comment on disclosure articles Ben Bucksch (Jan 12)