Firefox buffer overflow and full disclosure
Posted Sep 16, 2005 22:29 UTC (Fri) by gerv
In reply to: Firefox buffer overflow and full disclosure
Parent article: Firefox buffer overflow and full disclosure
To use another unworkable analogy: if Consumer Reports learned of a flaw
in all Ford cars, whereby someone could easily unlock the doors by tapping
them in just the right spot (or something similar), would you rather they
quietly just tell Ford about it and wait for them to take months/years to
do anything about it, or would you rather know about it yourself, so you
can replace the locks on your Ford your own damn self??
I'd tell Ford: "You have two weeks to make sure all of your dealerships around the world have a decent stock of replacement locks. Then I'm going public." Which is the exact equivalent of responsible disclosure.
to post comments)