2002/07/12 : Michael Morgenstern and Tom Parker point to the failure of Christey and Wysopal's willingness to put in place common measures for responsible disclosure.
"Unfortunately, Steve Christey and Chris Wysopol's RFC of February...Read more
2002/03/15 : Schneier published his monthly newsletter.
Schneier gives this time a summary of the vulnerabilitiy disclosure actual issues.
"The history of the vulnerability's discovery and publication is an interesting story, and illustrates the...Read more
2017/11/15 : "[T]he White House released a charter on the vulnerability equities policy outlining how the federal government will alert private companies to cybersecurity flaws or refrain for intelligence purposes." (...Read more
2017/01/20 : Omar Santos writes about the new FIRST Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure.
This artifact is part of the FIRST Vulnerability Disclosure Bundle...Read more
2002/05/16-17 : Workshop on Economics and Information Security (WEIS) took place at the Berkeley university. Researchers met to work on the question of "Do we spend enough [or too much] on keeping `hackers' out of our computer systems?". They speak of possible coordinated disclosure...Read more
Here is the presentation of the AntiSecurity movement.
This artifact is part of the Anti-Sec movement Bundle.Read more
2004/12 : Jeff Bollinger explains his point of view in the vulnerability disclosure debate.
"To effect the optimal result of 'greatest good', each player in the disclosure process must agree and co-ordinate to achieve the greatest return, and lowest damages." (p.14)
This artifact...Read more
2000/07/26 : Ranum beggan a big debate with his keynote speech of the US Black Hat conference in Las Vegas, in 2000. Here is Weld Pond answer to it.
This artifact is part of the Bundle...Read more