Now People Are Encouraged To Report Security Problems
from the conflicting-advice dept
Okay, now what do we do? Just yesterday we were arguing about a law saying it was illegal to break copy protection schemes while now CERT is saying that they're encouraging people to publicize security flaws. They're going to start reporting all security flaws that they come across (though they'll give people 45 days to fix them before going public). Obviously, I agree with CERT's stance, as I think it makes systems stronger in the long run. I just wonder what happens when someone reports to CERT that they've broken a copy protection scheme? Do they report it, or do they throw the person in jail?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
