lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: guninski at guninski.com (Georgi Guninski) Subject: CERT, Full Disclosure, and Security By Obscurity KF wrote: > Blue Boar wrote: > >> Georgi Guninski wrote: >> >>> Recently when I notified some vendors about a vulnerability, I wrote >>> something like a license agreement that the info should not be >>> disclosed to m$, cert, mitre, sf and others. > > >> What have you got against Mitre? > > > I have certainly seen some of the folks at Mitre go out of their way to > get things documented properly and other things of that nature quite a > few times. Steven M. Christey in particular... > Steven M. Christey proposed the responsible disclosure lame draft and signed it. I find it quite hipocritical to propose delaying of information, and at the same time mitre to get the 0days before they are released. Georgi Guninski http://www.guninski.com
Powered by blists - more mailing lists