by bigiain
2403 days ago
"Potential fallout"??? Like the potential fallout of known broken "encryption" in a security vendor's products being hidden from their customers for 18 months? The ethics of publicly disclosing way quicker than that, despite what the vendor wants to label "responsible disclosure", seems pretty straightforward to me... I hope that 18 months of conference calls was extremely lucrative for the researcher here, because I'd feel like a jerk sitting on that one for a year and a half while the vendor was no doubt selling more and more of their broken and insecure crap to unsuspecting customers...
Look how much time is wasted arguing over the highly subjective definition of “responsible” that breaks out. Communicating these issues would be far more optimal if we use objective language.
That was the point when Scott Culp coined that awful term in the first place. People are still taking the bait.