RE: Disclosure: Ready or Not
Jeremiah opened up a can of worms in his blog entry, “Disclosure: Ready or Not” I began my comment but it just became to big so I decided to bounce around some thoughts here.
In October 06 I released an article, “Hacker, Cracker Powershift?” where I voiced some of my concerns which relate to this article.
I think “money” (the root of all evil) like everything else ends up destroying the art. Look at the football and cricket conspiracies of today. This one is paying that one, so that one doesn’t play as well blah blah blah (read my link above to understand this statement better).
Although responsible disclosure needs to be addressed, my thoughts rest more with the hearts of the rising generation. In my opinion everything is moving back to secret hacker groups sharing zero-day exploits and selling them to the highest bidder.
Whats the point of discussing vulnerability disclosure when the percentage of vulnerabilities found surpass those vulnerabilities being publically released?