, 2006-09-05
Federico Biancuzzi surveys statements from some of the world's largest software companies about vulnerability disclosure, interviews two security companies who pay for vulnerabilities, and then talks with three prominent, independent researchers about their thoughts on choosing a responsible disclosure process. In three parts.
Matthew Murphy
Most vendors prefer to err on the side of limited disclosure -- that is, they prefer to wait until...
[ more ]