Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reporting Vulnerabilities Is For The Brave

Posted by ryuzaki0 on Monday May 22, 2006 @09:16AM from the cya-first-and-always dept.

An anonymous reader writes "A recent post on the CERIAS weblogs examines the risks associated with reporting vulnerabilities. In the end, he advises that the risks (in one situation, at least) were almost not worth the trouble, and gives advice on how to stay out of trouble. Is it worth it to report vulnerabilities despite the risks, or is the chilling effect demonstrated here too much?"

1 of 245 comments (clear)

Min score:

Reason:

Sort:

And that's why I use open source by disasm · 2006-05-22 09:19 · Score: 5, Insightful

Open Source projects don't interrogate and try to prosecute you if you find a security problem and report it.