Obey writes "Disclosure. Just a word, but in the security field it is the root of progress, sharing knowledge and fixing bugs. SecurityFocus' Federico Biancuzzi collected opinions about the best disclosure process from 11 big vendors, 2 vulnerability
buyers, and 3 indipendent researchers.
It seems that the subtle difference between responsible and irresponsible disclosure
is just a matter of time, whereas vendors ask for unlimited patience and indipendent
researchers look for a real commitment to develop a patch in a short time."
September 7, 2006