This website uses cookies to ensure you have the best experience. Learn more

Ethics Of Full Disclosure Of Security Holes

2962 words - 12 pages

Ethics of Full Disclosure of Security Holes

Introduction

Security breaches are making big headlines nowadays, and Microsoft is leading the charge. Its flagship operating systems and office suite are so bulky and complex, that it is impossible to be bug-free. The system administrators (the white hats) are up to their noses plugging all the holes from super hackers (the black hats). Yet they are also facing attack from another front – those that post vulnerabilities on the internet (the gray hats).

The gray hats are hackers that find security vulnerabilities and post them on the internet, forcing system administrators to patch up the holes. Usually, they inform the vendor ahead of time. Then, if they deem the company is not taking them seriously, and malicious hackers will exploit the threat, they post it on a forum. Though acting in good faith, the ethics of full disclosure of security holes are in debate, including: how full disclosure can cause more harm then good, how long vendors should be allowed to fix the problem, and liabilities for posting on the internet.

Issue 1: Full disclosure of security-related information can inflict more damage than good. You are showing people how to break into systems.

The debate about vulnerability-disclosure policies involves two main parties. Researchers at security companies say they want to get their latest findings out quickly to hasten software makers' response to bugs. Software makers, on the other hand, say they aren't given enough time to deal with a problem, and that publicizing it simply alerts malicious hackers to an opportunity.

There are super hackers out there who find security vulnerabilities, then write a script up on the internet, with one or two lines of code missing (he hasn’t violated anything any laws). Then an amateur comes across it and wants to test it out. He compiles the code and unleashes the virus, and suddenly he is responsible. Scott Culp, manager for Microsoft's security response center, called information posted from some companies and independent security consultants as "information anarchy."

"It's high time the security community stopped providing the blueprints for building these weapons," And it's high time that computer users insisted that the security community live up to its obligation to protect them." 5

Marcus Ranum, CEO of security software vendor Network Flight Recorder Inc., agreed that posting security flaws do not work. Why isn’t the state of security improving then? These “rock throwing” incidents are just for pride, and to attack against large corporations like Microsoft. He says the gray hats are acting irresponsibly, destroying code that works, and is not making valuable contributions for the betterment of society. “The Huns didn't know how to build Rome; they just knew how to sack it," he said. "Just show us that you have useful stuff [instead of] destroying other people's stuff. 1 It would be better if they put their...

Find Another Essay On Ethics of Full Disclosure of Security Holes

Disclosure of Genetic Tests for Health Insurance

2006 words - 9 pages health care personnel provide care, insurers are focused on saving cost for their companies (Klitzman, 2010). This gap of difference in priorities between the insurer and health care providers is dangerous. Klitzman notes that people are afraid of getting their genetic information on record, so they forego genetic testing (2010). This affects the psychological and physical well being of an individual. Financial security in regard of the person’s

Summary of Holes by Louis Sachar

1644 words - 7 pages HOLES LOUIS SACHAR Stanley Yelnats is under a curse, one that began with his no-good-dirty-rotten-pig-stealing-great-great-grandfather and has followed generations of Yelnats. Stanley has been falsely convicted of stealing Clyde ?Sweet Feet? Livingston?s, a famous baseball player, sneakers from a homeless shelter. Now he must attend a boy?s detention center, Camp Green Lake, where bad boys dig holes all day, every day, digging holes

Analysis of Square Pegs and Round Holes!

2740 words - 11 pages Analysis of 'Square Pegs and Round Holes!' In a world where the only constant is change, business managers strive to improve the performance of their subordinates by through increased efficiency and effectiveness. It is the function of a manager, regardless of level, to attain organisational goals through the effective production of goods and services through effective planning, organising, leading and controlling

Comparison of Full-Time Faculty

1377 words - 6 pages Introduction The purpose of this research project was to compare the highest level of degree completion amongst the full time faculty of Rockford College and several of our peer institutions. The institutions included in this research project were Augustana College, Aurora University, Beloit College, Benedictine University, Carroll College, Carthage College, Concordia University, Elmhurst College, Eureka College, Judson College, Loras College

Life is Full of Choices

820 words - 4 pages freshman. The soul-searching journey begins as new classes, clubs, and opportunities arise. Thus, one’s freshman year is full of firsts of every kind; first time failing a class, first time staying up all night to study, or even the first time sneaking out with friends. Whatever they are the firsts of freshman year have to ability to change a person, whether that is for good or bad is the individual’s choice to make. The next stop in the

A Speech Full of Persuasion

716 words - 3 pages A Speech Full of Persuasion How MLK’s Speech was Persuasive Throughout history, there has been many works of literature that were created for the sole purpose of persuasion. Many of these compelling pieces have caused riots, the downfall of empires and the upheavals of governments. They have also brought about good changes that have been able to keep most of this world in check. The brilliant people who manipulate massive percentages of the

The Full Effects of War

2359 words - 9 pages War is one thing that we all know is a necessary evil. The United States has been involved in many wars since being founded in the late 1700’s. There are many reasons that the United States has been involved in, or is currently involved in wars. Although war is not always a popular thing to become a part of, the full effects of the war are not always known and may never be known as long as the United States is a country. Stephen Crane tells us

The Full Effects of War

2459 words - 10 pages War is one thing that we all know is a necessary evil. The United States has been involved in many wars since it’s founding in the late 1700’s and will more than likely continue to be involved in more as it moves into the future. There are many reasons that the United States has been involved in, or is currently involved in wars. Although war is not always a popular thing to become a part of, the full effects of the war are not always known and

A Home Full of Nothing

1938 words - 8 pages A Home Full of NothingAhmad hated his parents' eager approach to visiting the relatives in Eid. His idea of Eid was doing nothing but sleep late and visit his friends in the afternoon. Yet his mother always lectured him about the whole meaning of Eid and how we always have to visit our close relatives. His father agreed to Ahmads point of view of not seeing all the relatives, since they had a big family and it would leave the whole family

The Full Effects of War

2414 words - 10 pages become a part of, the full effects of the war can’t possibly be known and may never be known as long as the United States is a country. Stephen Crane tells alludes to a few effects of war in his poem “War is Kind”. Physical handicaps, mental handicaps, and family hardships, etc. among other dreadful effects resonate throughout this poem. These problems possibly result from war, and the victims of these undesirable conditions will need to

Congruence of Counselor Self-Disclosure and Perceived Effectiveness

2081 words - 9 pages The first research article I read for this assignment was Congruence of Counselor Self-Disclosure and Perceived Effectiveness by Scott J. Nyman, and Timothy K. Daugherty. This journal article documents an empirical study conducted by Scott Nyman and Timothy Daugherty examining the effect of counselor self-disclosure on the relationship between counselor and client. Counselors and researchers differ in their opinions regarding the

Similar Essays

The Social Security Blanket: Full Of Holes?

2036 words - 8 pages The Social Security Act was enacted in 1935, and since then it has undergone numerous revisions and amendments. Today the act covers a wide range of benefit programs, including Medicare, unemployment compensation, and Supplemental Security Income. The major portion for which the Social Security Act has become known, however, is the Old Age, Survivors, and Disability Insurance program, or OASDI. While today the OASDI program is most frequently

Formation Of Black Holes Essay

711 words - 3 pages believed that they were a peculiar feature of the highly symmetric solution found by Schwarzschild, and that objects collapsing in nature would not form black holes.Interest in black holes was rekindled in 1967 because of theoretical and experimental progress, and the possibility of harnessing the immense gravitational energy of black holes for future space research. Stephen Hawking and Roger Penrose proved that black holes are a generic feature in

Black Holes: Forces Of Gravity Essay

1992 words - 8 pages Science has always been about analyzing the hard facts in front of you, even if they might be invisible to the naked eye. Sizable leaps in our understanding about the mechanisms of life and our universe are in the process of being made with scientists believing black holes are the major precipice to these greater understandings. Black holes push and break many modern understandings of physics and time with many mysterious qualities

Full View Of Salvation Essay

978 words - 4 pages . On the cross, God imputed our sin onto Christ and Christ paid the penalty in full to God not to Satan. He redeemed us back to the Father. You have also been justified by God, “declared righteous despite actual guilt, so that he or she receives the same rights and privileges as a genuinely innocent person.” (Swindoll 2010, 78) Justification grants the legal status of “not guilty.” Propitiation This verdict cannot be broken