[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Full Disclosure versus Responsible Disclosure
I'm making the assumption the list is still moderated, so you'll only see this if its approved. I'm looking for a public security company who, as a company, is prepared to argue in favor of Full Disclosure versus my suggested Responsible Disclosure. Its a TV opportunity, any takers? FYI, one point against Full Disclosure might be open distribution of exploit code, or code snippets in public discovery announcements, or other attempts to provide "useful" proof of concept or exploit code. One point in favor of Responsible Disclosure is the vetting of announcements to accurately depict severity, provide coordinated effort to get Vendors to fix problems, avoid government regulation of information. Cheers, Russ Call me or email, 705.878.3405.