Bugtraq: seeking comments on disclosure articles

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

seeking comments on disclosure articles

From: smcalearney () cxo com
Date: 12 Jan 2007 14:07:35 -0000

Vulnerability Disclosure: Where Do You Stand?
If you see a glaring security hole in a sensitive application, what will you do? Will you notify the developer? The 
users? Other hackers? Sometimes it's best not to be the good Samaritan. Read about "The Chilling Effect" and also find 
out why Bruce Schneier thinks full and open disclosure is a "damned good idea" while Marcus Ranum says disclosure of 
vulnerabilities is a marketing ploy by vendors that was never really designed to further security and has only 
succeeded in fostering a "grey-market economy in exploits." Do you think disclosure only aids attackers?
http://www2.csoonline.com/exclusives/column.html?CID=28088

By Date By Thread

Current thread:

seeking comments on disclosure articles smcalearney (Jan 12)
- <Possible follow-ups>
- RE: seeking comments on disclosure articles Michael Scheidell (Jan 13)