|
Over fifty experts and expert advocates have released an open letter in support of security research and against efforts to chill or intimidate security researchers. From Center for Democracy & Technology (CDT): “Computer and network security research, white-hat hacking, and vulnerability disclosure are legal, legitimate, and needed now more than ever to understand flaws in the information systems that increasingly pervade our lives. Security researchers hesitate to report vulnerabilities and weaknesses to companies for fear of facing legal retribution; these chilling effects invite the release of anonymous, public zero-day research instead of coordinated disclosure. The undersigned urge support for security researchers and reporters in their work, and decry those who oppose research and discussion of privacy and security risks. Harming these efforts harms us all.”
Mike Masnick of Techdirt and a co-signer of the letter writes: “This may sound obvious, but increasingly we’re seeing attacks on security researchers, where the messenger is blamed for finding and/or disclosing bad security practices or breaches… It’s kind of sad that this kind of letter is even needed..”
Sponsored byVerisign
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byRadix