However, this is an area where the ones complaining the loudest have the power to make it stop. If the vendors acknowledged the vulnerabilities, kept the researcher involved in the solution, and released a fix (not just a patch) in a timely manner then the problem would go away. There'd be no need to force the vendors' hand and we'd all be better off.
What are your future plans? Any exciting new projects?
I've started working on a new book, this one called Network Security Fundamentals. It is aimed at managers who need to know what all the component parts are (i.e., security policies, VPNs, PKIs, IDSes, firewalls and so on) and how they work together to form a security solution.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.