Completely disagree. IMHO nobody should bother negotiating with terrorist vendors.
Q: What responsibility vendors have? A: Zero. Check their disclaimers. On Tue, Apr 23, 2013 at 04:14:53PM +0200, Gregory Boddin wrote: > That's indeed not rocket science. > > Nobody should release their disclosure/exploit (or give hint about it) in > the wild before letting the vendor fix it. > > There's already enough blackhats out there selling/using those. > > I sure hope I am not the only person in the list who wishes responsible > > disclosure. > > > > --- > > Henri Salo > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.10 (GNU/Linux) > > > > iEYEARECAAYFAlF2eWAACgkQXf6hBi6kbk8p+QCgkrzZnNpipCMC/kexFq8OR3Q2 > > NiIAnRMYicxFqmJhvjLIEZolEKjQcEEE > > =q78V > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
