Secure Coding mailing list archives
On exploits, hubris, and software security
From: BlueBoar at thievco.com (Blue Boar)
Date: Fri, 03 Nov 2006 09:50:10 -0800
Gary McGraw wrote:
The main thing I wonder is, what do you think? When you have a hot demonstration of an exploit, how do you responsibly release it? What role do such demonstrations play in moving software security forward?
To pick one extreme, I believe there are times when intentionally blindsiding a vendor is appropriate: http://ryanlrussell.blogspot.com/2006/11/you-want-mac-wireless-bugs.html BB
Current thread:
- On exploits, hubris, and software security Gary McGraw (Nov 03)
- On exploits, hubris, and software security Blue Boar (Nov 03)
- <Possible follow-ups>
- On exploits, hubris, and software security SC-L Subscriber Dave Aronson (Nov 03)
- On exploits, hubris, and software security Gary McGraw (Nov 03)
- On exploits, hubris, and software security Blue Boar (Nov 03)