Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier On Full Disclosure

Posted by Hemos on from the interesting-reading dept.

Bruce let me know that he's written a piece on ZDNet (original home of the for the Window of Exposure idea is on Counterpane ? ) about the problems of not following full disclosure. Very well written and does a great job of summarizing why full disclosure works. The original piece from Culp @ Microsoft is also available, along with the PowerPoint that they did.

1 of 232 comments (clear)

  1. Sometimes you should shout "Fire" by markmoss · · Score: 1, Redundant

    "Culp compares the practice of publishing vulnerabilities to shouting "Fire" in a crowded movie theater. What he forgets is that there actually is a fire, the vulnerabilities exist regardless. Blaming the person who disclosed the vulnerability is like imprisoning the person who first saw the flames."