[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] CERT's vulnerability disclosure policy draws fire
CERT's vulnerability disclosure policy draws fire Security researcher Mark Litchfield doesn't agree with the CERT Coordination Center's policy of giving information about vulnerabilities to government agencies and other organizations before passing it on to IT workers. CERT says it is taking a reasoned approach in giving critical infrastructure and system operators notice prior to general release. An easy solution to this conflict doesn't exist. On one hand, you want to keep a lid on the information until a fix is found. On the other hand, anyone impacted has a right to know, not just the Department of Homeland Security. http://cl.com.com/Click?q=4f-Iar4IIUc_gagS2zQwA9is1BFn0PR ------ End of Forwarded Message ------------------------------------- To unsubscribe or update your address, click http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC