Interview with Jason Reid, author of "Secure Shell in the Enterprise"
by Mirko Zorz - Wednesday, 1 October 2003.
The risk or security of software is measured by the amount of peer review that software has had. An unknown piece of software is deemed suspect until proven innocent by usage. I believe that open source software has the advantage here by its community-at-large vetting process versus the private audits that proprietary software is limited to.

What do you think about the full disclosure of vulnerabilities?

I am in favor of it. Only by studying past failures can we mitigate future ones. Of course, this requires an environment where people may learn and apply the past lessons. I do think that the discoverers of a vulnerability should notify vendors discreetly before posting details. The key point should be getting the vulnerability fixed and systems patched, not giving script kiddies another exploit.

What are your plans for the future? Any exciting new projects?

I am currently enjoying the celebrity lifestyle of a security author. :) My current project is to spend time with those close to me.
