Slashdot Mirror


Full Disclosure and Why Vendors Hate It

An anonymous reader writes "Well known iPhone hacker Jonathan Zdziarski gave a talk at O'Reilly's Ignite Boston 3 this week in which he called for the iPhone hacking community to embrace full disclosure and stop keeping secrets that were leading to the iPhone's demise. He has followed up with an article about full disclosure and why vendors hate it. He argues that vendor-only disclosure protects the vendors and not the consumer, and that vendors easily abuse this to downplay privacy concerns while continuing to sell insecure products. In contrast, he paints full disclosure as a capitalist means to keep the vendor accountable, and describes how public outcry can be one of the best motivating factors to get a vulnerability addressed."

5 of 91 comments

  1. Re:Well of course by peragrin · · Score: 2, Funny

    That's only if they ever fix it to begin with. Some companies can't actually fix their software as it is broken to begin with and the security hole is what allows the software to run at all. Years of software developers dealing with MSFT has set this mindset in place.

    Why fix the problem when you can gloss over it with a fresh coat of paint?

    Note: while MSFT is guilty of doing this, third-party developers are the real guilty party.

    --
    i thought once I was found, but it was only a dream.
  2. Peaks by Gracenotes · · Score: 5, Funny

    One of Apple's greatest marketing strengths is this ability to add hype around their products by peaking the curiosity of the common geek.
    As an aforementioned common geek, the misspelling in this sentence is enough to put me in a peak!
    1. Re:Peaks by Dun Malg · · Score: 2, Funny

      That's the funniest post I've read in a week, as I write this on my desk made of teak
      Isn't that spelled "tique"?

      yeah, I think the joke is probably dead...
      --
      If a job's not worth doing, it's not worth doing right.
  3. Re:From the article: by FishWithAHammer · · Score: 3, Funny

    Is it Wednesday? I have it on good authority that Wednesday is Rob's turn to enact trollan gaemz.

    --
    "You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
  4. Re:From the article: by Koiu Lpoi · · Score: 5, Funny

    I totally agree. Since EEE PCs and iPhones are now small enough to fit in the kitchen, we may be seeing a change in this trend.