[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)

To: Rob Fuller <jd.mubix@xxxxxxxxx>
Subject: Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
From: Thierry Zoller <Thierry@xxxxxxxxx>
Date: Thu, 29 Apr 2010 10:17:22 +0200

Hello,

Your missing legislative circumstances in your thoughts :

>- Releasing at a conference => Probable court time.
Under what legislation would that potentially be the case ?

>- Keeping it to yourself => Working under the assumption that your the
>only one that has found that same bug is still semi relevant due to
>the incredibly small size of the exploit dev community. However, as
>Dave said, they'll be toasting to their sleeping dead 0days some day.
Under  the  jurisdiction  I  personaly  am under I am responsbile if I
DON'T  disclose  vulnerabilities  (to  the  vendor)  -  this  includes
potential damages should the vulnerability be used. This is the law
over here if you have the PSF statute.


-- 
http://blog.zoller.lu
Thierry Zoller


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
  - From: Valdis . Kletnieks

References:
- [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
  - From: Rob Fuller

Prev by Date: Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
Next by Date: Re: [Full-disclosure] Randi Harper aka Sektie demolished
Previous by thread: Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
Next by thread: Re: [Full-disclosure] Vuln Disclosure summarized (TTBOMA)
Index(es):
- Date
- Thread