Re: disclosure policy In my 20 or so years in security, disclosure policy has been my single biggest influence on vendor security efforts. IMHO The disclosure debate is about how much influence external parties should have on a vendor's efforts and not whether it is effective.
Sure, but the problem with this is two fold. First, not everyone agrees you should be allowed to adjust those knobs on their behalf, you don't know their priorities. Second, you don't have the power to adjust them, you need resources provided by people who don't have a dev heart.
-
-
1) is the market. Ultimately what customers pay for validates my choices,also on the configurability end. 2) of course, there are many moving parts and all matter, which is why I push for multiple points of view and levers
-
That's nonsense, how can the market react to information that you're arguing they shouldn't know? I'm saying make it public and let the market decide. You're saying don't let the market know, just trust us to do the right thing.
- 9 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
