The IT Security Blog Roundup » Blog Archive

Mobile Version Subscribe Contact Us About Us Advertising Editorial SC UK SC Aus/NZ

RSS | Login | Register

The IT Security Blog Roundup

Vulnerability ethics

Author: admin

Filed under: Apple, Browser flaws, Groundbreakers and newsmakers, Microsoft, Non-Microsoft Patches, Patch Management, Patch Tuesday

The Roundup came across a thoughtful take on the QuickTime flaw revealed at CanSecWest last week, now found to affect numerous web browsers.

Information Security Sell Out brought up a lightning rod topic this week: vulnerability management ethics.

The Sell Out questions whether a firm, in this case TippingPoint, is engaging in bad business by allegedly using the discovery of a flaw as a marketing opportunity. Did TippingPoint put Mac users at risk by offering $10,000 for discovery of a Mac flaw, thus practically ensuring one would be disclosed? And what if TippingPoint mishandles the newly purchased vulnerability?

Scroll down to the discussion section; a back-and-forth ensues.

On responsible disclosure, Part 1
One IT security topic that will never go away is vulnerability reporting - and the ethics of what tr...
McAfee vs. TippingPoint
Here’s one blog post worth revisiting. On Monday, Rahul Kashyap took TippingPoint’s ZeroDay In...
Following, and verifying, the QuickTime flaw news
It’s not unusual for an IT security story to have twists and turns. With the ever-changing technol...
On Office 2000 ActiveX, nCircle and Cambia
No proof yet of OS X worm