Group Releases Anti-Disclosure Plan

Group Releases Anti-Disclosure Plan
Kevin Poulsen, SecurityFocus 2003-06-04

A group of 11 of the largest software companies and computer security firms released the first public draft of a proposed bug disclosure standard on Wednesday, and asked the security community for comments.

Expand all | Post comment

30 days 2003-06-05
Anonymous

Um...ok 2003-06-05
SFN (1 replies)

Standards?? 2003-06-05
Lockdown

Group Releases Anti-Disclosure Plan 2003-06-05
kl365

This "Standard" 2003-06-05
Patrick D. Cusack

Here we go again. 2003-06-06
RogueClient

Group Releases Anti-Disclosure Plan 2003-06-06
Dave Aitel

Group Releases Anti-Disclosure Plan 2003-06-06
G8R-B8

Group Releases Anti-Disclosure Plan 2003-06-07
Darren Woodall

The few dictating to the many? 2003-06-07
Anonymous

Group Releases Anti-Disclosure Plan 2003-06-08
Martin

Group Releases Anti-Disclosure Plan 2003-06-09
Seventh

convenient 2003-06-10
chort (1 replies)

I find it convenient that a few of the companies most notorious for having exploitable products are bringing in (paying?) some of the companies known for finding the exploits and essentially telling them to keep quiet about said 'sploits.

As someone else already pointed out, at least one of the involved companies has been extremely sluggish in the past to make available reasonable patches or workarounds for critical security flaws. I don't see how covering up their mistakes and defusing the light of truth will encourage them to make their products more secure going forward.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/5458/20377#20377

30 days 2003-06-11
Revilo

Group Releases Anti-Disclosure Plan 2003-06-11
sakazz

Stuff it. 2003-06-12
Anonymous

Group Releases Anti-Disclosure Plan 2003-06-13
Anonymous