Time to Shield Researchers

Time to Shield Researchers
Oliver Day, 2009-03-20

Research is the backbone of the security industry but the legal climate has become so adverse that researchers have had to worry about injunctions, FBI visits, and even arrest.

Colapse all | Post comment

Time to Shield Researchers 2009-03-23
Anonymous

I totally agree; companies think security through obscurity is going to protect them. I can't wait until the day, when consumer backlash starts happening to these companies that have purposefully ignored security researchers. It looks like it will take a major class action lawsuit against these comp...

[ more ] [ reply ]

Some Companies Do Have Public Policies 2009-03-23
Andy Steingruebl (1 replies)

Oliver,

I work at PayPal and both we and Microsoft have public policies that encourage researchers to responsibly disclose security vulnerabilities and inform the researcher that legal action won't be pursued against them if they do. The intent of these types of policies is to remove any possibl...

[ more ] [ reply ]

Re: Some Companies Do Have Public Policies 2009-04-02
Anonymous

It's nice to see that responsible researchers don't have to worry about being sued by paypal but they still get to provide their security expertise for free....

[ more ] [ reply ]

Time to Shield Researchers 2009-03-24
Kyle H

I believe that one of the most important places to contact would be the Computer Security Resource Center (CSRC), at the National Institute of Science and Technology. (http://csrc.nist.gov/) Another place might be the National Center for Digital Intrusion Response, http://ncdir.us/.

If there we...

[ more ] [ reply ]

Time to Shield Researchers 2009-03-27
Anonymous

Maybe we should dust off the original bill of rights and start using it again? ...

[ more ] [ reply ]