LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Disclosure of vulnerabilities

Disclosure of vulnerabilities

Posted Apr 1, 2006 12:30 UTC (Sat) by Shanep (guest, #36879)
In reply to: Disclosure of vulnerabilities by man_ls
Parent article: Interview: Theo de Raadt of OpenBSD (NewsForge)

Sorry, but if want to talk about ethics, then where are Sun and IBM's ethics? Theo refusing to give them a heads up on security issues, is hardly worse than Sun and IBM, with all their money, refusing to give a cent but expecting support for free. If you get any at all, it is a damn temporary privilege.

Sun and the rest need to look at the part of the BSD licence which disclaims all warranties. Sure the code is as free as it gets. But don't expect support at all, much less for free.

I would love to see Theo charge a premium for responsible disclosure.

(Log in to post comments)

Disclosure of vulnerabilities

Posted Apr 1, 2006 13:40 UTC (Sat) by man_ls (subscriber, #15091) [Link]

That is precisely the point. Of course Sun is not behaving ethically. But seeing the other party is not behaving ethically is no excuse for behaving unethically yourself.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds