Realistically, it will take at least a month to go from security to development through QA and release (in your case probably twice, because it may have to go through the carrier's QA/release). Wikipedia says 5 months: http://en.wikipedia.org/wiki/Responsible_disclosure
- Philipp On 07/04/2012 10:49 PM, Jann Horn wrote: > After having reported a security-relevant bug about a smartphone, how long > would > you wait for the vendor to fix it? What are typical times? > > I remember telling someone about a security-relevant bug in his library some > time > ago - he fixed it and published the fixed version within ten minutes. On the > other hand, I often see mails on bugtraq or so in which the given dates show > that > the vendor took maybe a year or so to fix the issue... > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
