1999 : NMRC [Nomad Mobile Research Center] published a bug disclosure policy stating they would first verify the vulnerabilities they found, before notifying the vendor. The public will be informed one month after the vendor in case of a 'very high priority...Read more
2001 : "A group of black-hat hackers, in a campaign called "Project Mayhem," have declared war on white-hat hackers who've gone to work for security firms."
The 'Project Mayhem' is the battle declaration of full-disclosure against anti-sec.Read more
2017 : FIRST release their Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure.
"The purpose of this document is to assist in improving multi-party vulnerability coordination across different stakeholder communities."
This artifact is...Read more
2018/05/24: Article on EFAIL vulnerability, email vulnerabilities and the patching of those vulnerabilities. It questions the safety of emails in generalRead more
Here is the presentation of the AntiSecurity movement.
This artifact is part of the Anti-Sec movement Bundle.Read more
2000/07/26 : Ranum beggan a big debate with his keynote speech of the US Black Hat conference in Las Vegas, in 2000. Robert Lemos is here commenting what happened.
This artifact is part of the Bundle ...Read more
2002/02/19 : Patrick Gray explains RFPolicy birth.
In June 2000, the hacker Rain Forest Puppy published his RFPolicy. The policy is known as the first attempt to formalize the complex issue of disclosure to the vendor or maintainer.
This artefact is part of the...Read more
2020/05/18 : Jessica Haworth writes on FIRST updates guidelines for multi-party vulnerability disclosure.
This artifact is part of the FIRST Vulnerability Disclosure Bundle.Read more
2017/11/15 : "[T]he White House released a charter for the administration’s once-shadowy Vulnerabilities Equities Process (VEP)." (see : https://www.lawfareblog.com/...Read more