Security Firm May Stay Mum on Vulnerabilities in the Future
I can assure you, that if this company or any others follow through on their promise not to disclose vulnerabilities that they might find to the public, there will be a backlash like no one will believe is possible.
Paul F. Roberts writes in eWeek:
The security research company responsible for discovering a software hole later used by the Slammer worm is considering an end to its policy of publishing details of vulnerabilities to public forums.
Next Generation Security Software Ltd., a Surrey, England, company founded by brothers David and Mark Litchfield, is weighing a change that would keep details of software vulnerabilities between NGS and the software vendor affected.
The change in policy, which is still under consideration, comes amid heightened debate about the practices of independent security researchers after a former employee of Internet Security Systems Inc. revealed details of a serious hole in Cisco Systems Inc.'s Internet Operating System, which is run by many of the machines that make up the Internet's critical infrastructure.
posted by Fergie @ 8/08/2005 10:14:00 AM
0 Comments:
Post a Comment
<< Home