You have to think about end-users as well ... Those are impacted first, not the vendors.
On 23 April 2013 16:51, Georgi Guninski <[email protected]> wrote: > Completely disagree. > > IMHO nobody should bother negotiating with terrorist vendors. > > Q: What responsibility vendors have? > A: Zero. Check their disclaimers. > > > On Tue, Apr 23, 2013 at 04:14:53PM +0200, Gregory Boddin wrote: > > That's indeed not rocket science. > > > > Nobody should release their disclosure/exploit (or give hint about it) in > > the wild before letting the vendor fix it. > > > > There's already enough blackhats out there selling/using those. > > > > I sure hope I am not the only person in the list who wishes responsible > > > disclosure. > > > > > > --- > > > Henri Salo > > > > > > -----BEGIN PGP SIGNATURE----- > > > Version: GnuPG v1.4.10 (GNU/Linux) > > > > > > iEYEARECAAYFAlF2eWAACgkQXf6hBi6kbk8p+QCgkrzZnNpipCMC/kexFq8OR3Q2 > > > NiIAnRMYicxFqmJhvjLIEZolEKjQcEEE > > > =q78V > > > -----END PGP SIGNATURE----- > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
