vulnerability disclosure

White-Hat Hate Crimes on the Rise (Wired Paper)

2001 : "A group of black-hat hackers, in a campaign called "Project Mayhem," have declared war on white-hat hackers who've gone to work for security firms."
The 'Project Mayhem' is the battle declaration of full-disclosure against anti-sec.Read more

The Cuckoo's Egg, book written by Clifford Stoll

Amazon bug bounty

https://hackerone.com/amazonvrp?type=team
Netscape Announces "Netscape Bugs Bounty" with release of Netscape Navigator 2.0 Beta

1995/10/10 : Netscape organize the first Bug Bounty, a program that rewards users who help Netscape find and report "bugs" in the beta versions of its Netscape Navigator 2.0 software.Read more

PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)

2018/05/14: Article on the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Culp Debate

Culp - It's time to end information anarchy
A Step Towards Information Anarchy: A Call To Arms - hellNbak
Information Anarchy: The Blame Game? - Edwards reaction on Culp essay
Security in an Open Electronic Society - Levy reaction on Culp essay
Peace of Mind Through Integrity and Insight - Manzuik reaction on Culp essay
Keeping Security Issues in the Open - Davies reaction on Culp essay
NEOHAPSIS - LeBlanc reaction on Culp essay
Security woes: Who is to blame? - Culp interview
MS says stop discussing hack exploits - Leyden paper
ACM: Digital Library: Computers and Society - Bollinger paper
Full Disclosure of Vulnerabilities – pros/cons and fake arguments (Vidstrom paper)
Microsoft's Responsible Vulnerability Disclosure, The New Non-Issue

Black Hat 2000 - Ranum and Granick VS Rausch and Amhed

April 2000, at the Black Hat Conference (Singapour) took place a debate with Ranum and Granick against Rausch and Amhed.Read more
How Not To Secure An Election (OP Presentation)

2019/10/17: Open Privacy Presentation given by Sarah Jamie Lewis retracing the timeline of events around the Swiss Post e-voting system bug bounty and vulnerability disclosures made by her teamRead more

Google Security Reward - 2015 Year in Review

2010/01 : Google launches its Vulnerability Report Program which gives financial bounties to security researcher finding bugs. 

"[B]ecause rewarding security researchers for their hard work benefits everyone. These financial rewards help make our services, and the web as a whole,...Read more

Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

1998-1999 : Birth of the anti-Sec movement.

"We are the Ant-Sec movement, and we are dedicated to eradicating full-disclosure of vulnerabilities and exploits and free discussion on hacking related topics."

This artifact is part of the ...Read more

Bugtraq Mailing List - Archives

https://seclists.org/bugtraq/
PGP: Encryption Program Used by Edward Snowden 'Can Leak Secret Messages' (Newsweek article)

2018/05/14: Newsweek article about EFAIL disclosure.

This article is interesting as it makes the link between the EFAIL disclosure and the emblematic figure of digital rights activist Edward Snowden:

PGP, which is used to scramble the content of sensitive messages and

...Read more
Subscribe to vulnerability disclosure
Need help with PECE?
Join the PECE Slack channel