, SecurityFocus 2001-11-09
Five computer security firms join Microsoft to set an official standard for limiting disclosure of software security holes
Expand all |
Post comment
Shocking developments
2001-11-09
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (2 replies)
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (2 replies)
...on second thought...Kudos!
2001-11-09
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (1 replies)
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (1 replies)
So what would force Microsoft to patch these holes if exploits are not published?
2001-11-10
Rafal Sybilla-Leszczynski (1 replies)
Rafal Sybilla-Leszczynski (1 replies)
So what would force Microsoft to patch these holes if exploits are not published?
2001-11-12
Anonymous
Anonymous
Microsoft have no server monopoly: this may reduce their share
2001-11-12
Kirsten Bayes (kirruth@hushmail)
Kirsten Bayes (kirruth@hushmail)
> There is a disclosure policy available on the web:
> http://www.wiretrip.net/rfp/policy.html
Good point. Which is why many of are probably shocked at the developments...last July at BH and DefCon, I saw several of the people employed by some of the listed companies chatting w/ RFP. I'm sure everyone's aware of the policy. There's been a lot of discussion and many have supported it.
Though the companies themselves signed up for the MS agreement, I don't think that we should assume that many of the big names agree with it. I think, however, in the case of one or two of the companies, that there had to be some agreement by those folks, or it wouldn't have happened...
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/281/8717#8717