The Curmudgeon's Crystal Ball: Security Predictions for 2003

The Curmudgeon's Crystal Ball: Security Predictions for 2003
Richard Forno, 2003-01-15

As we ring in the new year, it's in with the new and out with the old. Or is it? Our fearless forecaster thinks not.

The Curmudgeon's Crystal Ball: Security Predictions for 2003 2003-01-16
Anonymous (1 replies)

Your prediction is that vendors will continue not to be held responsible for product defects that lead to security holes. Maybe security "researchers" should stop following so-called responsible disclosure and instead start posting security related bugs without notifying the vendors first. Make the vendors feel the true cost of not putting a priority on correct software in the first place. Hit them in the wallet. Make them scramble to get it fixed. Make them field phone calls and emails from angry customers. The 'responsible full disclosure' movement may be one of the best things ever to happen to companies like Microsoft who don't want to spend money making correct software.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/135/17789#17789

Understandable, but the wrong approach. 2003-01-20
Anonymous (1 replies)

Understandable, but the wrong approach. 2003-01-24
Anonymous

The Curmudgeon's Crystal Ball: Security Predictions for 2003 2003-01-17
Bob Radvanovsky

The Curmudgeon's Crystal Ball: Security Predictions for 2003 2003-01-17
Anonymous

I got a good prediction for Forno. 2003-01-22
Tradeser (1 replies)

I got a good prediction for Forno. 2003-01-25
Rick Forno