On Sat, 20 Mar 2010, William Pitcock wrote:
What I mean is: why can't anyone contribute valuable information to the security community? It is next to impossible to meet so-called 'trusted people' if you're new to the game, which is counter-productive.
If you're a 15 year old kid and you just discovered a way to own the latest IOS, for example, how do you know who to tell about it?
If I was such a clever 15 year old I would go to Google and enter "contacting cisco ios security" which would lead me to -> http://www.cisco.com/en/US/products/products_security_advisories_listing.htm... which would lead me to -> http://www.cisco.com/en/US/products/products_security_vulnerability_policy.h... Same exercise can be repeated for most vendors you can choose. -Hank