Forwarded from: Darren Reed <darrenr@reed.wattle.id.au>
In some email I received from InfoSec News, sie wrote:
[...]
> "You either participate in the Responsible Disclosure Forum, or you're
> a black hat bent on being malicious, end of story," he wrote in the
> introduction to the guidelines. "Too much money, too many individuals
> and too much of the world's communication rely on responsible
> disclosure for it to be continued to be seen as a discussion worth
> debating."
[...]
That's really uningenious, using Bush's stance on terrorism as a model
for disclosure of security vulnerabilities.
Furthermore, I do not see why the free exchange of information between
people classes them as someone out to do harm (i.e. black-hat). What
has happened to those great American ideals of "freedom of speach" ?
Oh, that's right, they conflict with the goals of corporate America,
c.f. DMCA.
These people seem to understand the problem (risk, etc) but not the
problem.
The problem isn't that these security vulnerabilities get announced to
the world but that they exist _at all_.
This is treating the symptom, not the cause.
Darren
"America has a great consitution but has spent the last 200 years
trying to legislate against it." - anonymous
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.
Received on Mon Nov 12 09:36 CST 2001