Vulnerability Development mailing list archives
RE: Complicated Disclosure Scenario
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 17 Jan 2002 16:49:41 -0500 (EST)
On Thu, 17 Jan 2002, Dom De Vitto wrote:
Ethics indicates that in order to protect users, public disclosure (full or limited) is the only remaining way to protect users - either because the don't use the product, or because the vendor fixes it due to public pressure.
if you wanna feel better about it, include some workarounds for people to
use it a bit safer, or supply, if possible, an alternative. then you have
more than adequately covered your bases.
____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
Current thread:
- Re: Complicated Disclosure Scenario, (continued)
- Re: Complicated Disclosure Scenario Giurgiu Sergiu (Jan 17)
- Re: Complicated Disclosure Scenario Ryan Permeh (Jan 17)
- Re: Complicated Disclosure Scenario David Carroll (Jan 17)
- Re: Complicated Disclosure Scenario Nick Lange (Jan 17)
- Re: Complicated Disclosure Scenario Bill Weiss (Jan 17)
- Re: Complicated Disclosure Scenario Florian Weimer (Jan 17)
- Re: Complicated Disclosure Scenario Nick Lange (Jan 17)
- Re: Complicated Disclosure Scenario Mariusz Mazur (Jan 17)
- Re: Complicated Disclosure Scenario Dan (Jan 17)
- RE: Complicated Disclosure Scenario Dom De Vitto (Jan 17)
- RE: Complicated Disclosure Scenario Jose Nazario (Jan 17)
- Re: Complicated Disclosure Scenario Jeff Nathan (Jan 17)
- RE: Complicated Disclosure Scenario Jose Nazario (Jan 17)
- Re: Complicated Disclosure Scenario (Summary) Josha Bronson (Jan 19)
- RE: Complicated Disclosure Scenario NP-GEE-CLOUGH AARON (Jan 17)
- FW: Complicated Disclosure Scenario Martin . Farrelly (Jan 17)
- RE: Complicated Disclosure Scenario Everhart, Glenn (FUSA) (Jan 17)
- RE: Complicated Disclosure Scenario Parity (Jan 17)