[VIM] Dana Epp on responsible disclosure and VDB's

security curmudgeon jericho at attrition.org
Tue Aug 23 18:14:25 EDT 2005


: > Ah, the view from the comfort of your own blog!
: 
: True, but I find Dana to be pretty thoughtful.  In that context, the 
: blog represents a misunderstanding of the role that VDB's *currently* 
: perform, and a growing awareness and disillusionment with VDB's.  We 
: know what challenges we face, but vuln. info consumers either (1) don't 
: know or (2) don't care.  We're kind of stuck in the middle and someday 
: we might get squished.

Very true. As small as it seems, having folks from the VDBs respond to 
such material is important I think. A few well placed comments here and 
there, the next article may only focus on the researcher and leave VDBs 
out.


More information about the VIM mailing list