Forwarded from: security curmudgeon <jerichoat_private> http://www.attrition.org/security/rant/z/ms-disclose.html Microsoft's Responsible Vulnerability Disclosure, The New Non-Issue Sat Nov 10 03:00:48 MST 2001 by Jericho (security curmudgeon) For almost a decade, a debate over the concept of Full Disclosure has reared its ugly head. Carried out on BBSs, newsgroups, security conferences, mail lists, parties, coffee shops and everywhere else, the Full Disclosure debate can be called "long standing" to say the least. As with everything in the computer industry before, Microsoft is doing nothing new here. Like many times before, Microsoft is re-inventing the wheel and opting for something other than round. The debate and issues at hand are complex and go back a long way. Short of writing a small book, I can't address every issue I would like to. The following article addresses some of the bigger issues. [...] (please see the HTML copy for the full article and snazzy images!) - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Nov 12 2001 - 03:52:04 PST