In
<!&!aaaaaaaaaaayaaaaaaaaaih+nruo4exaufaxntnnphscxbiaeaaaaphwmypgbwtikhrmpaur2wobaaaaa...@gmail.com>,
on 04/06/2010
at 10:21 PM, Don Williams <[email protected]> said:
>The possibility of disclosure may make some people reluctant.
I'd see that as a serious minus.
>It is unlikely that an integrity hole is so obscure, that only one
>person will discover it.
I'd like for the first person to discover it to report it.
>If good guys find it first, then the hole has a chance to be closed
>before the bad guys can capitalize on it.
Not if the good guys are unwilling to report it.
>unless there is a new law that requires that all integrity fixes be
>applied,
Or unless the old legal doctrine of due diligence effectively compels it.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see <http://patriot.net/~shmuel/resume/brief.html>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
