Full disclosure references


[1] Can we afford full disclosure of security holes?
http://www.computerbytesman.com/security/fd.htm
 
[2] Re: Can we afford full disclosure of security holes?
http://online.securityfocus.com/archive/1/203499/2002-11-01/2002-11-07/1
 
[3] Full disclosure (Wikipedia)
http://www.wikipedia.org/wiki/Full_disclosure
 
[4] Bruce Schneier on Full Disclosure
http://www.counterpane.com/crypto-gram-0111.html#1
 
[5] Security through obscurity (Wikipedia)
http://www.wikipedia.org/wiki/Security_through_obscurity
 
[6] The original IE Scriptlet advisory from Georgi Guninski
http://www.guninski.com/scrtlb-desc.html
 
[7] MS99-032: Patch Available for "scriptlet.typelib/Eyedog" Vulnerability
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms99-032.asp
 
[8] VBS.Bubbleboy code explained
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&scoring=d&selm=2750ac20.75bcba7e%40usw-ex0101-002.remarq.com&rnum=1
 
[9] Wscript.KakWorm description from Symantec
http://securityresponse.symantec.com/avcenter/venc/data/wscript.kakworm.html
 
[10] Top ten viruses reported to Sophos in April 2000
http://www.sophos.com/virusinfo/topten/200004.html
 
[11] The Beginners' Guide to VBS Viruses By Neon_Killer
http://wiretapped.securax.org/security/info/textfiles/swat/swat-37/Swt37-13.txt
 
[12] Microsoft Security Bullitens
http://www.microsoft.com/technet/treeview/?url=/technet/security/current.asp?frame=true
 
[13] Internet Explorer security - Georgi Guninski Security Research
http://www.guninski.com/browsers.html
 
[14] Letter to Email Vendors
http://www.computerbytesman.com/security/email/major.htm
 
[15] Press articles about Georgi Guninski
http://www.guninski.com/menews.html
 
[16] News.com articles about eEye Digital Security
http://news.search.com/search?q=eeye&cat=230&int.1278=1
 
[17] Software makers thrive on Net threats
http://news.com.com/2100-1001-829615.html
 
[18] EICAR Code of Conduct
http://www.eicar.org/code_of_conduct.htm
 
[19] How Much Hack Info Is Too Much?
http://www.wired.com/news/infostructure/0,1377,56463,00.html
 
[20] Save the Net, Sue a Software Maker
http://online.securityfocus.com/columnists/47
 
[21] Microsoft to security experts: Don't publish code
http://news.cnet.com/news/0-1003-200-7560391.html?tag=mn_hd
 
[22] The Man Who Debunks Virus Myths 
http://www.wired.com/news/technology/0,1282,45812,00.html 
 
[23]The only fitting punishment for virus writers? Death!
http://www.zdnet.com/anchordesk/stories/story/0,10738,2795678,00.html
 
[24] Security patches aren't being applied
http://zdnet.com.com/2100-11-527502.html?legacy=zdnn
 
[25] alt.comp.virus newsgroup message by RaiD
http://groups.google.com/groups?q=backups+group:alt.comp.virus+author:raid&hl=en&lr=&ie=UTF-8&oe=UTF-8&scoring=d&selm=e1a0c2a2.0205060722.328399ae%40posting.google.com&rnum=1
 
Georgi Guninski on the Responsibility RFC
http://www.guninski.com/rfcsec.html
 
ActiveX Security is Everyone's Business
http://www.fawcette.com/archives/listissue.asp?pubID=1&MagIssueId=85#
 
Security: why do I bother?
http://www.oreillynet.com/cs/weblog/view/wlg/2004
 
Anatomy of a Security Nightmare
http://online.securityfocus.com/guest/2137
 
HP Exploit Suit Threat Has Holes
http://www.wired.com/news/technology/0,1282,54297,00.html
 
Security Firm Rewrites Rules on Disclosing Flaws
http://www.pcworld.com/resource/printable/article/0,aid,107573,00.asp