, 2006-03-07
There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?
Anonymous
I almost agree with this, but I wish Jason had said that most people also haven't a clue what to do about vulnerabilities.
I'd submit that to be truly a responsible disclosure, no vulnerability shou...
[ more ]