Coming clean on patches

Monday, 3 June 2002, 12:48 PM EST

The debate is about when researchers should alert the general public to the flaws they find. Industry protocol calls for discoveries to be kept quiet until a patch is available—usually no less than 30 days—to minimize the threat from hackers who could do damage in the interim.

That process, however, could soon change. A prominent security expert last week announced that he will give software companies just one week to patch a new vulnerability before he releases data about the flaw to the public.

[ Read more ]

Related items




Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //