Re: disclosure policy In my 20 or so years in security, disclosure policy has been my single biggest influence on vendor security efforts. IMHO The disclosure debate is about how much influence external parties should have on a vendor's efforts and not whether it is effective.
Dude, you're making it really hard to avoid having a disclosure debate with you. What you call "0day policy" others call full disclosure, is that really a discussion you want to get into? 
-
-
No, I know where we align and where we don't, we can save the twitterverse from that :) just leaving a reasonable doubt from the dev perspective in a conversation that is usually security-researchers dominated.
-
I think everyone is clear that vendors don't like full disclosure

- 17 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.