2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more
2007/05/08 : Here is a Rain Forest Puppy interview done by Antonio Parata.
In June 2000, the hacker Rain Forest Puppy published his RFPolicy. The policy is known as the first attempt to formalize the complex issue of disclosure to the vendor or maintainer.
This...Read more
2021/08/30 : Dennis Fisher writes a three-part series upon the evolution of bug bounties since they get birth. Here is the first part, talking about "the hackers who turned a niche idea into a worldwide ...Read more
2000/10/09 : "Effective October 9, 2000, the CERT Coordination Center will follow a new policy with respect to the disclosure of vulnerability information."
Here are the information on the CERT/CC Vulnerability Disclosure Policy.
This artefact is...Read more
2014/12 : Dan Farmer had written COPS, "a very early, if not the earliest, vulnerability scanner". He also writes several "tools, papers, and work on improving Internet and *nix security".
"Dan has...Read more
2010/07/20 : Dennis Fisher writes on the new adjustment of the price of Google bug rewards.
This artifact is part of the Google Vulnerability Report Bundle.Read more
2001/10/26 : Davies gives his point of view on Clup essay : "He proposes a culture of secrecy, where the security professional should share his knowledge only with the software retailer or development group. This, he says, will "raise the bar" for those seeking to write destructive worms...Read more
2000/01/15 - Schneier Crypto-Gram newsletter :
nCypher publically disclosed SSL private key vulnerabilities to sell their solution to fix the flaw. Schneier writes here his opinion against this practice.
This article is part of the...Read more