Re: disclosure policy In my 20 or so years in security, disclosure policy has been my single biggest influence on vendor security efforts. IMHO The disclosure debate is about how much influence external parties should have on a vendor's efforts and not whether it is effective.
I think everyone is clear that vendors don't like full disclosure 
-
-
That was hardly something I wanted to even touch on. I dislike some of the exasperated hero narrative, as you know, and that seems to be the necessary monster to create to build it, so I'd rather pass on this :)
-
My developer heart cares about you using my product. For you to use it it has to be usable, cool, performant and safe. I care about all of this, but have to balance. I wish more of this balance would get on the stage, rather than just the bug-problem-fix stories.
- 11 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.