On The Insider: Swift & Kanye Named Best of the Year
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 4 of 34:
Next »
« Previous
Valid concerns from true flaw finders
nothing worse than to be left out of the loop and wondering on the sincerity of the vendor's intent and methods to fix. Some of these vendors are not of this world when it comes to understanding. They see just their perspective, react poorly to 'assistance', and get tight lipped, even hostile if pressured before and after public disclosure. It's like someone causes an accident or could, and when a preventative bystander or officer points out the possible conclusions instead of focusing the solution, they focus on the messenger.

Now, whether you tell an 'outsider' your methods of fixing is a different dual edge. Yes knowing the method may ease concerns, but you'd have to trust the source isn't fishing for deeper hooks into the flaw 'maker'. "So that's how you code that or this is the process your team/management/coders employ". Social engineering may be afoot. But most likely not. You'd have to be inbetween skills to have to trick a vendor to see their base processes.
Posted by: Boot_Agnostic   Posted on: 08/17/06 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Its the  not of this world | 08/17/06
I agree;  Suicida| | 08/17/06
Cheap way to find flaws  SteveTheWirePuller | 08/17/06
Valid concerns from true flaw finders  Boot_Agnostic | 08/17/06
Public dissemination of vulnerabilities  Anton Philidor | 08/17/06
A problem...  ju1ce | 08/17/06
Why would the idea fail?  Anton Philidor | 08/17/06
well it can...and it can't..  Monkey_MCSE | 08/17/06
another question...sorry  Monkey_MCSE | 08/17/06
The organization's purpose...  Anton Philidor | 08/17/06
And...  Anton Philidor | 08/17/06
and how many years did it take them??  Monkey_MCSE | 08/17/06
If no alternative operating systems...  Anton Philidor | 08/18/06
Fair's fair  Yagotta B. Kidding | 08/17/06
Flaw finders to software makers: It's payback time  puppadave | 08/17/06
IF THERE'S ANYTHING WRONG WITH A COMPUTER OR SOFTWARE IT'S A VIRUS !  BALTHOR | 08/17/06
Message has been deleted.  Colonel Panijk | 08/18/06
Flaw Finders  eryxias7@... | 08/17/06
What's the limit?  rpmyers1 | 08/18/06
No respect  shraven | 08/17/06
Last thing vendors want: explaining changes to outsiders  ejhonda | 08/17/06
Producing responses  dmhunter@... | 08/17/06
Bad headline  John L. Ries | 08/17/06
Shakedown  DaveSoNSo | 08/17/06
That's called "blackmail"  John L. Ries | 08/18/06
Ignorance is bliss, ay?  Tialin | 08/17/06
Well...  Anton Philidor | 08/17/06
Inconsistent expectations  DaveSoNSo | 08/17/06
When I pay for Software I Expect it to Work  OldTimer1 | 08/21/06
It's always Microsoft  AAWW | 08/17/06
I wouldn't say most flawed...  jasonp@... | 08/18/06
software flaws  jhinkson@... | 08/17/06
Not likely....  Leria | 08/18/06
Unlikely but possible  tony@... | 08/18/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

SmartPlanet

Click Here