lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Jun 2009 15:22:11 -0400 From: Shawn Merdinger <shawnmer@...il.com> To: Giuseppe Fuggiano <giuseppe.fuggiano@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Things to do before vulnerability disclosure While US law focused, you might take a look at the few guides by the EFF (Electronic Frontier Foundation). http://www.eff.org/issues/coders/vulnerability-reporting-faq Cheers, --scm On Mon, Jun 15, 2009 at 2:14 PM, Giuseppe Fuggiano<giuseppe.fuggiano@...il.com> wrote: > What are, if any, the legal and "ethical" things to do before someone > could publicly disclosure a given vulnerability? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists