Slashdot Mirror


Schneier On Full Disclosure

Bruce let me know that he's written a piece on ZDNet (original home of the for the Window of Exposure idea is on Counterpane ? ) about the problems of not following full disclosure. Very well written and does a great job of summarizing why full disclosure works. The original piece from Culp @ Microsoft is also available, along with the PowerPoint that they did.

2 of 232 comments (clear)

  1. Microsoft's answer to Full Disclosure by Phydoux · · Score: 5, Funny

    Everybody seems to like "Full Disclosure," so here at Microsoft, we've decided to begin releasing all security vulnerabilities under a "Shared Disclosure" policy. Once the various NDAs are signed, you too can view and work with any security vulnerabilities that we know about.

    Just another example of how Microsoft listens to and responds to customer requests. Have a nice day!

    --
    If a tree fell on a florist, and nobody was around to hear it, would he make a noise?
  2. Re:Sometimes you should shout "Fire" by squidfood · · Score: 5, Funny

    When you see a fire in a crowded theatre, you:

    (A) Shout "FIRE!" and get crushed in the panic.
    (B) Walk out quietly...who cares about anyone else?
    (C) Tell your closest neighbor and hope that they're a fireman.
    (D) Pour on gasoline so everyone will get out faster.