2001/10 : Scott Culp, who founded MSRC (Microsoft Security Response Center), wrote an influential paper, after a series of attacks (virus and worms) from Feb to September 2001. At this time, the irritation against hackers and full disclosures was already calm since months.
Culp define what he called Information anarchy : "This is the practice of deliberately publishing explicit, step-by-step instructions for exploiting security vulnerabilities, without regard for how the information may be used. The relationship between information anarchy and the recent spate of worms is undeniable.Every one of these worms exploited vulnerabilities for which step-by-step exploit instructions had been widely published." (p.2)
Critical Commentary
2001/10 : Scott Culp, who founded MSRC (Microsoft Security Response Center), wrote an influential paper, after a series of attacks (virus and worms) from Feb to September 2001. At this time, the irritation against hackers and full disclosures was already calm since months.
Culp define what he called Information anarchy :
"This is the practice of deliberately publishing explicit, step-by-step instructions for exploiting security vulnerabilities, without regard for how the information may be used.
The relationship between information anarchy and the recent spate of worms is undeniable.Every one of these worms exploited vulnerabilities for which step-by-step exploit instructions had been widely published." (p.2)
This artifact is part of the Culp debate Bundle.