2018/12 : ENISA (European Union Agency for Cybersecurity) released its Economics of Vulnerability Disclosure Report.
"Vulnerability disclosure refers to the process of identifying, reporting and patching weaknesses of software, hardware or services that can be exploited....
2007/01/15 : "A US security firm is offering up to US$72,000 in bounties for the development of working exploits for Microsoft's Windows Vista and Internet Explorer 7."
2000 : The authors explain their view in favor of full disclosure and its aim of educating people. They add their opinion on the downsides of full disclosure.
"The only rational solution is to make the script kiddies responsible for their actions, as we do with all criminals...
2001/11/08 : Robert Lemos interviewed Scott Culp for CNET News.
"The essay is not calling for people to refrain from looking for security vulnerabilities, to stop reporting them to the vendors, to stop telling customers about them. We don't want to change any of that. The only thing that...
1997/11/08 : Austin Bunn explains how, according to him, "the technobacchanal Beyond HOPE highlighted the further evolution of computer jocks into the mainstream - and into money."
2004/12 : Jeff Bollinger explains his point of view in the vulnerability disclosure debate.
"To effect the optimal result of 'greatest good', each player in the disclosure process must agree and co-ordinate to achieve the greatest return, and lowest damages." (p.14)
This artifact...
2000/10 : Interview with Elias Levy (Bugtraq). He explains his opinion on full disclosure.
"Corporations only purpose is to generate money. Software vendors will only "take security seriously" when their customers do. Until then they have no incentive to...