2020/05/18 : Jessica Haworth writes on FIRST updates guidelines for multi-party vulnerability disclosure.
This artifact is part of the FIRST Vulnerability Disclosure Bundle.Read more
2002/05/16-17 : Workshop on Economics and Information Security (WEIS) took place at the Berkeley university. Researchers met to work on the question of "Do we spend enough [or too much] on keeping `hackers' out of our computer systems?". They speak of possible coordinated disclosure...Read more
2005/12/07 : Andrew Cencini, Kevin Yu, Tony Chan write upon the different choices of vulnerability disclosures.
"When a software vulnerability is discovered by a third party, the complex question of who, what...Read more
2002/02/19 : Patrick Gray explains RFPolicy birth.
In June 2000, the hacker Rain Forest Puppy published his RFPolicy. The policy is known as the first attempt to formalize the complex issue of disclosure to the vendor or maintainer.
This artefact is part of the...Read more
2002/04/08 : Arne Vidstrom points a list of the pros, cons and fake arguments on full disclosure of vulnerabilities.
This artifact is part of the Culp debate Bundle.Read more
2002/03/11 : Rasch analyses Christey and Wysopal IETF Draft.
"The report articulates what many in the security industry have considered to be a reasonable method of reporting security vulnerabilities." (p.1)
This artifact is part of the...Read more
Here is the presentation of the AntiSecurity movement.
This artifact is part of the Anti-Sec movement Bundle.Read more
2002/03/15 : Schneier published his monthly newsletter.
Schneier gives this time a summary of the vulnerabilitiy disclosure actual issues.
"The history of the vulnerability's discovery and publication is an interesting story, and illustrates the...Read more