Vandals deface ImageShack, oppose disclosure
Published: 2009-07-13

Don't look for logic in the latest rant against vulnerability finders.

Claiming a vendetta against security researchers that support full disclosure, one or more vandals targeted image-hosting service ImageShack on Friday, causing every request for an image to return a statement raging against the release of vulnerability details. In a blog post, ImageShack stated that the attack occurred at 8 p.m. PST on Friday.

"We learned that the group had gained control of how images were being displayed," the site stated. "Before 9 p.m. PST, normal functionality had been restored to user images. No user data or content was damaged or lost."

Since ImageShack has not been a bastion of full-disclosure support, it appears to be a target of convenience for the vandals.

The online hoodlums, who appear to dislike disclosure because security companies and researchers indirectly profit from the release of vulnerability details, are not the first to voice frustration with the current regime of disclosure. Some security professionals have argued for partial disclosure, revealing minimal details about a bug until it is fixed, while companies such as Microsoft have pushed for "responsible disclosure," giving vendors time to fix a bug before revealing any details.

In April, a group of well-known researchers called for companies to stop expecting that vulnerability details will be given freely. Declaring "No More Free Bugs," the group advocates the withholding of vulnerability details unless software companies find a way to pay them for their time.

In the image posted to ImageShack's site, the vandals threatened to continue their activities until the security community stops supporting full disclosure.

If you have tips or insights on this topic, please contact SecurityFocus.



Posted by: Robert Lemos
Copyright 2009, SecurityFocus