More on the Vulnerabilities Equities Process
The Open Technology Institute of the New America Foundation has released a policy paper on the vulnerabilities equities process: “Bugs in the System: A Primer on the Software Vulnerability Ecosystem and its Policy Implications.”
Their policy recommendations:
- Minimize participation in the vulnerability black market.
- Establish strong, clear procedures for disclosure when it discovers and acquires vulnerability.
- Establish rules for government hacking.
- Support bug bounty programs.
- Reform the DMCA and CFAA so they encourage responsible vulnerability disclosure.
It’s a good document, and worth reading.
Wm • August 4, 2016 7:51 AM
Since this has nothing to do with the current day corrupt government that is only interested in money, vote buying through giveaways, buying votes through hiring people into unnecessarily created government jobs, sex parties in foreign countries while accompanying Obama on lavish million dollar vacations and worthless diplomatic trips, all such suggestions on how to fix anything is futile and not worth the effort to research and/or print such suggestions.