Yo Thor! On Tue, 10 Jul 2012 19:58:16 +0000 "Thor (Hammer of God)" <t...@hammerofgod.com> wrote:
> People do not disclose their research to make
> the world a better place. They do it for recognition or for money.
I would argue there is a 3rd reason. Self defense. I and others have
had issues of our servers being attacked by unkown evil doers. To keep
our servers running we need to reverse engineer the hack and get the
bug fixed or the attack vector blocked. Until '* Disclosure' in its many
aspects was common it was virtually impossible to get vendors to fix
open holes being actively used by attackers. The public shaming of
'* Disclosure' large companies found denial a very easy and cheap
resonse to bugs that were killing us.
So in this case recognition is not an issue and money is not an issue
for any non-commercial servers.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
g...@rellim.com Tel:+1(541)382-8588
signature.asc
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
