TippingPoint has upped the ante on vulnerability disclosure by giving vendors six months to fix bugs before it goes public with information on flaws. The intrusion prevention specialist, bought by HP earlier this year, has rewarded security researchers for information about vulnerabilities via its long-running Zero Day …
"Rushing security fixes may therefore work against the wider interest of end-users, Microsoft argues."
Yeah because we all know that security through obscurity is the way to go!
So how does this work?
"Rushing security fixes may therefore work against the wider interest of end-users, the company argues."
Recently I discovered an issue with the software that controls the security system used by the Steve Ballmer and many other captains of industry that lets almost anyone walk around their houses when they are away on vacation. I notified the security system manufacturer a year ago but they still haven't fixed the problem... should I tell Steve and his friends?
I would feel generous giving them 6 WEEKS, 6 months is beyond ridiculous.
6 weeks, no action, full disclosure to the world. That should stimulate them to get it patched.
- Breaking Fad 4K-ing excellent TV is on its way ... in its own sweet time, natch
- Top Gear Tigers and Bingo Boilers: Farewell then, Phones4U
- First Irish boy band U2. Now Apple pushes ANOTHER thing into iPhones, iPods, iPads
- Updated iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
- Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence