Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Irresponsible Disclosure
Jon Lasser, 2002-06-26

Internet Security Systems violated community standards and common sense with its surprise Apache bug announcement.

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Damned if you do (irresponsibly), damned if you don't (ever) 2002-06-28
Tor Slettnes
I disagree - companies _can_ get this right. That's what Jon Lasser is talking about - guidelines for responsible release of vulnerability information.

If a vulnerability is found for the first time by a "white hat", the responsible thing for her (or him) to do is to inform the vendor of the sof...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus