Home > Articles > Security > Network Security

This chapter is from the book

Principle 12: Open Disclosure of Vulnerabilities Is Good for Security!

A raging and often heated debate within the security community and software developing centers concerns whether to let users know about a problem before a fix or patch can be developed and distributed. Principle 6 tells us that security through obscurity is not an answer: Keeping a given vulnerability secret from users and from the software developer can only lead to a false sense of security. Users have a right to know about defects in the products they purchase, just as they have a right to know about automobile recalls because of defects. The need to know trumps the need to keep secrets, to give users the right to protect themselves.

  • + Share This
  • 🔖 Save To Your Account