ComputerWorld: Debate erupts over disclosure of software security holes | Linux Today

ComputerWorld: Debate erupts over disclosure of software security holes

Written By
Web Webster
Web Webster
Jul 28, 2000

“In a contentious keynote speech that created an uproar at the
Black Hat Briefings security conference here yesterday, security
researcher Marcus Ranum charged that the full disclosure of
software vulnerabilities isn’t improving computer security.
Instead, Ranum said, it only encourages attacks by what he called
“armies of script kiddies.”

“Ranum claimed that many disclosures of security holes are
“rock-throwing” incidents done by companies or individuals to
attack vendors such as Microsoft Corp. or for the purposes of
self-promotion, financial gain or ego gratification. And, he said,
such disclosures give malicious attackers point-and-click tools
that they can use to take down Web sites.”

“But other attendees at the Black Hat conference – an annual
precursor to the Defcon hackers convention that features sessions
aimed at corporate users – said they’re skeptical that limiting the
disclosure of vulnerability information would benefit companies.
Mudge, a vice president at Cambridge, Mass.-based security
consulting firm @Stake Inc. who uses only one name, rejected what
he called the “metered dissemination of information” about
potentially damaging security holes.”


Complete Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.