On Sun, 31 Jul 2005, Fergie (Paul Ferguson) wrote:
No one ever said the Internet wasn't chock full of contradictions. One one hand, we have what some are now calling "Cisco gate": http://news.com.com/Hackers+rally+behind+Cisco+flaw+finder/2100-1002_3-58120...
<quote>Alder then blasted Cisco for going after Lynn. "Cisco, you are really screwing up," she said, followed by a round of applause. "Suing researchers is not going to make you secure. Alienating the security community is not going to encourage people to come to you and report problems and work with you."</quote> Agreed 100%. Cisco, are you listening? By this misbehavior you are seriously discouraging researchers from releasing info to you. They will suspect you'll sit on the exploit for months and not tell anyone (as you did with this one). They'll be afraid you'll try to kill the messenger (as you did with this one). Instead, they're just going to release exploits into the wild anonymously. Is this what you want? Then keep it up. -Dan