You'll take your full disclosure pill, and like it.
Date: Wednesday, April 27 @ 23:43:14 CEST Topic: Security
Source: Just a month ago now, legal threats
by Sybase directed at NGS Software were used to cease the full
disclosure of eight holes in its product. NGS Software disclosed
their findings to Sybase and advised them its public disclosure would
occur three months after that. Sybase didn't like that, but it
all worked out in the end after they reached a settlement. Could
it be that Sybase didn't have enough time to warn their customers about
the upgrade?
Responsible disclosure of software flaws by
vulnerability researchers has "significantly improved" the security of
products, Powers said.
I concur. Click source for more.
|
|