2002/03/15 : Schneier published his monthly newsletter.
Schneier gives this time a summary of the vulnerabilitiy disclosure actual issues.
"The history of the vulnerability's discovery and publication is an interesting story, and illustrates the...Read more
2000/01/15 - Schneier Crypto-Gram newsletter :
nCypher publically disclosed SSL private key vulnerabilities to sell their solution to fix the flaw. Schneier writes here his opinion against this practice.
This article is part of the...Read more
1997 : L0pht, "a group of sophisticated hackers has stepped up the assault on the security of Microsoft's Windows NT operating system."
The group began then negotiating with Microsoft and other companies. They agreed to notice them a month before the...Read more
2010/07/20 : The Google authors give arguments to show why responsible disclosure is not always efficient. They propose to give a 60 days to the vendors to fix bugs disclosed before the vulnerabilities become public.Read more
2002/02/28 : Steven M. Bellovin and Randy Bush shows the utility of obscurity and open discussions on vulnerabilities. Read more
1997/04/11 : Aleph One publishes a L0pht advisory on Bugtraq.
This artifact is part of the L0pht Bundle.Read more
1999/11 : Marcus Ranum and Jeremy Rausch wrote both on this special issue on Security. Did Jeremy Rausch wrote to respond to Ranum’s article? The two article side-by-bside seems an editorial choice, was it an order of the journal ?
Between 1999...Read more
2000/07/26 : Ranum beggan a big debate with his keynote speech of the US Black Hat conference in Las Vegas, in 2000. Here is Weld Pond answer to it.
This artifact is part of the Bundle...Read more
2000/07/26 : Here are the slides of Ranum keynote at the US Black Hat conference.
Between 1999 and the mid 2000s, Ranum developed his critique of full disclosure, and he presented it as the keynote speech of the US...Read more