[VIM] HP & an interesting comment
gadie at beyondsecurity.com
Tue May 8 08:15:12 UTC 2007
On Tuesday 08 May 2007 06:58, security curmudgeon wrote:
> In a private e-mail discussion regarding vulnerability disclosure, this
> comment was made. I asked to forward to VIM and anonymize, the researchers
> in question agreed. Since we are keeping track of vendor threats, this is
> fringe related I think.
> ---------- Forwarded message ----------
> Date: Mon, 7 May 2007 20:31:43 -0700
> I had a very interesting phone conversation with HP a couple months ago
> when I reported a vuln that [researcher] found (not fixed yet). They
> definately need a clue. In fact the person handling the case even went
> out of his way to state; "You know we are the company that sued a
> researcher right". I said yes, and you know that we have various
> partnerships and are a X billion a year company right?
> I honestly think that many vendors will attempt to bully the smaller
> researchers because they can while the bigger companies are left alone.
They do it because it works.
More information about the VIM