Daily flaws ratchet up disclosure debate

Daily flaws ratchet up disclosure debate
Robert Lemos, SecurityFocus 2006-07-14

HD Moore is used to polarizing the vulnerability-research community.

Daily flaws ratchet up disclosure debate 2006-07-14
Don Parker

Daily flaws ratchet up disclosure debate 2006-07-14
Matthew Murphy

H.D. once referred to you as "one of the few reporters who actually understands the issues involved [in the disclosure debate]."

This is a shining example of why: you've done a balanced piece of reporting that illustrates why vendors must have time, but not unlimited time, to fix vulnerabilities.

Defining that standard of how much time is the right amount of time is exactly where people like Moore and companies like Microsoft clash.

Peter Swire has the right idea, but vulnerability reporting seems, for the immediate future, destinated to remain an imprecise art with many different views about how to do it best.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11400/33952#33952

A bunch of MicroBug$... again! 2006-07-17
assurbanipal

Daily flaws ratchet up disclosure debate 2006-07-17
Bruce McCulley (1 replies)

Re: Daily flaws ratchet up disclosure debate 2006-07-22
Hordur Helgi Helgason