Slashdot Mirror

← Back to Stories (view on slashdot.org)

Group Releases Anti-Disclosure Plan

Posted by michael on from the obscurity dept.

dki writes "SecurityFocus reports that the Organization for Internet Safety (OIS), a group of 11 of the largest software and security companies, has released a public draft of a proposed bug disclosure standard. The document outlines a process for reporting and disclosing bugs that aims to eliminate releasing exploits to the general public. Not surprisingly, the OIS was founded out of a Microsoft-hosted security conference. Comments on the draft will be accepted until July 4th; the final copy will be released at the Black Hat Conference in Las Vegas."

1 of 149 comments (clear)

  1. OIS Members by evenprime · · Score: 1, Redundant
    According to their page, the members are:
    • @stake
    • BindView
    • Caldera International (The SCO Group)
    • Foundstone
    • Guardent
    • ISS
    • Microsoft
    • NAI
    • Oracle
    • SGI
    • Symantec
    Considering their backgrounds, it is sad that @stake and ISS are involved in an anti-disclosure group.
    --

    "Weapons should be hardy rather than decorative" - Miyamoto Musashi
    I think that goes for OS's too