We are now close to this space being full circle. The next step is that the researchers will offer the vendor a chance to compete for the information on the vuln IP market and as a result winning vendors can choose to keep it to themselves...
Yep, Microsoft has won and we will soon be back to non-disclosure all around. Micheal Cottingham wrote: > I too have participated in ZDI as a researcher. It is a very good > program, and both the company and the researcher get what they want > out of the process. The company gets the time to fix the vulnerability > before everybody else finds out, and the researcher gets the > recognition (and some money) for their work. It is a win-win > situation. > > On Fri, Apr 4, 2008 at 10:28 AM, Ureleet <[EMAIL PROTECTED]> wrote: >> ive dealt a bit with tipping point and their zdi. how about you learn how >> it works first, the come back and criticize it? you obviously dont >> understand the contest at cansecwest, or how zdi plays into it. i was >> there, it was a good conf. >> >> but you need to learn how it works before you go ranting about it.... >> again... >> >> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
