I'm subscribed to tons of different security and vendor announcement lists. I personally have no problems keeping up with new vulnerabilities and patches.

I'm not worried about researchers posting vulnerabilities for publicity's sake. I'm worried instead that major software vendors are still pushing crap out the door...crap that breaks under very simple attacks -- and the flood of advisories that you're so worried about has had no visible effect on their software development and release processes.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/114/16752#16752