mailing list archives
Stanford Law School Conference on CyberSecurity, Research, and Disclosure
From: Jeremiah Cornelius <jeremiah () nur net>
Date: Thu, 23 Oct 2003 23:53:42 -0700
-----BEGIN PGP SIGNED MESSAGE-----
This Larry Lessig and Jennifer Granick's anti-DMCA gig...
Stanford Law School
CENTER FOR INTERNET AND SOCIETY
Conference on CyberSecurity, Research, and Disclosure
NOVEMBER 22, 2003, STANFORD, CA
This conference explores the relationship between computer security, privacy,
and disclosure of information about security vulnerabilities.
September 11th gave new urgency to the debate over whether information
collection and dissemination is dangerous or empowering. One view is that
vulnerability information should be kept secret and out of the hands of
potential criminals and foreign agents. Another view is that the public needs
to be informed about security weaknesses, so that people can take appropriate
precautions and so that there will be a constituency to pressure for the
rapid repair of vulnerabilities. Meanwhile, policy makers struggle to find a
balance between promoting security research, constructive information
sharing, remediation and protecting commercial interests. Industry has tried
to develop "best practices" for reporting and repairing vulnerabilities, but
major disagreements - over how much information to disclose, to whom, and
when - persist.
and the Deep Fix
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
- Stanford Law School Conference on CyberSecurity, Research, and Disclosure Jeremiah Cornelius (Oct 24)