This is just WRONG!

Posted by on December 24, 2004

There’s this idea in the Information Security world called Responsible Disclosure. Let’s say you, dear reader, found a big security problem in Windows XP(I’m sure that wouldn’t happen but you never know). You could do one of two things; immediately tell the world or quietly tell Microsoft and give them time to patch the problem before telling the world. Responsible Disclosure would dictate that you tell MS first. Give them a reasonable amount of time to patch the problem, six months seems to be the standard, and then release the vulnerability to the world. Of course there’s some common decency involved here. For example, if you gave MS the 6 months and they didn’t patch the problem and that 6 month period just happened to end around Christmas Eve, you might not release the vulnerability until AFTER THE FRIGGIN HOLIDAY!!!!

Apparently some of us don’t have that decency. Here we have someone who either just wasn’t thinkin’ or has a very sick and twisted since of humor. This guy has probably caused some people to have to put off travel plans or cancel being with their families for Christmas altogether.

The nerve of some people.

http://isc.sans.org//diary.php?date=2004-12-22

Last modified on December 24, 2004

Categories: InfoSec
Comments Off on This is just WRONG!

« | Home | »

Comments are closed.

%d bloggers like this: