Tag: Research
-
The Case Against ‘Responsible Disclosure’
The debate over vulnerability disclosure is as significant as it is contentious. ‘Responsible disclosure’, a term coined by software vendors many decades ago, advocates that security researchers privately report vulnerabilities to the affected vendor, allowing the company time to fix the issue before making it public. On the surface this approach seems reasonable – it…