Security researcher calls for vulnerability trade association
A prominent security researcher this week proposed a plan to create a trade association for vulnerability researchers that would act as an advocacy organization as well as protect the legal and economic interests of the members. The plan is still very much in the formative stages and no formal blueprint for the organization exists, but the idea is being kicked around in many parts of the security community.
The idea for the organization came from Thor Larholm, a senior security researcher at PivX Solutions Inc.. Larholm is well-known in security circles for his research, particularly on Internet Explorer. He began discussing the plan with other researchers in June and has since spoken with a number of vendor executives about it as well.
On Monday, Larholm posted a message to the BugTraq mailing list detailing some his thoughts about the organization. He says support for the idea of having an organization to unite researchers has been virtually unanimous among the people he's spoken with.
[ Read more ]