> I'm doing a research project on software vulnerability
> disclosure (full-disclosure, "responsible disclosure",
> M$'s "information anarchy", etc.) and was wondering if
> anyone knew of specific academic or technical journals
> that might contain good information.
>
> So far I've found lots about full-disclosure from
> multiple news/tech news sites, but nothing academic or
> anything that would qualify as scholarly. Any known
> whitepapers would be useful too.
ACM Transactions on Information and System Security could be considered
full-disclosure in an abstractly practical way; that is, it's not the
hack-this-that-way but this-class-of-problems-are-hacked-by-these-approaches.
--
scott hollatz net [EMAIL PROTECTED]
information technology systems and services tel +1 218 726 8851
university of minnesota duluth mn usa fax +1 218 726 7674
--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
