November 20, 2001

Bug secrecy vs. full disclosure

Author: JT Smith

ZDNET: "Last month Scott Culp, manager of the security response center at Microsoft, published an essay describing the current practice of publishing security vulnerabilities to be "information anarchy." He claimed that we'd all be a lot safer if researchers would keep details about vulnerabilities to themselves, and stop arming hackers with offensive tools."


  • Linux
Click Here!