tag:blogger.com,1999:blog-4088979.post7794026818667942063..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: You Know You're Important When...Richard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-4088979.post-20563994968836673262009-06-23T14:47:00.723-04:002009-06-23T14:47:00.723-04:00not to put too fine a point on it, but if it's...not to put too fine a point on it, but if it's not 'responsible disclosure' then it is irresponsible.<br /><br />selling to the underground is irresponsible? no it's criminal, it's called being an accessory.<br /><br />is raising awareness the point? no, not really, the point seem to be using public opinion to force a company to bend to one's will arbitrarily. the company may (unbeknownst to anyone else) be investing it's resources in secure development that could have a profound positive impact on users but their time then gets wasted chasing bugs individual because they have be <b>seen</b> as <i>doing something</i> (regardless of whether or not those bugs would have been an issue once their intended development completed.kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.com