security disclosure threatened by lawsuits

Mar 29th, 2005

Comments: 0
Category: Vulnerability Management

security disclosure threatened by lawsuits

Legal threat stops flaw info release – Computerworld
Well this isn’t a good thing for security research in my opinion. Whilst I don’t always think that security companies getting press by releasing exploits is a good thing, it is one of the main ways that software companies seem to be put under pressure to improve the security of their software.
Ideally companies would always be proactive about improving the security of their systems, but in the real world other things tend to take precedence, unless it’s made a priority for them by external people, either security researchers pointing out flaws, or “black hats” exploiting their software…
Arguably if Microsoft hadn’t developed such a bad reputation for security a couple of years ago, we wouldn’t have seen all the excellent initiative their producing now…..

Add a comment

Your email address will not be shared or published. Required fields are marked *