Stephen Toulouse - What does "responsible disclosure" mean to you?

Download this episode

Download Video

Description

Microsoft's Security Response Center gets a lot of email sent to its secure@microsoft.com alias. Stephen kept talking about "responsible disclosure" with us so we wanted to find out just what he meant by that.

Tag:

Security

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • User profile image
      Sk4rlath
      This video really made me smile.

      If more people knew what the security teams and developers at Microsoft had to deal with, then I think there'd be a lot less hate going in their direction.

      Why don't they tell you intimate details about security flaws in the software? This video explains that excellently.

      Why don't they make their software standards-compliant? If they did and they broke even one single app that depended on that non-standard behavior, then you'd hate them for that instead.

      Once again, keep it up guys! Just letting you know that you've still got at least one fan cheering you on!
    • User profile image
      Maurits
      Sk4rlath wrote:
      Why don't they make their software standards-compliant? If they did and they broke even one single app that depended on that non-standard behavior, then you'd hate them for that instead.


      That's a good - well, interesting - argument for not fixing a standards-incompliant piece of software.  It leaves open the question "why didn't they make it standards-compliant in the first place?"
    • User profile image
      Mike Dimmick
      Maurits wrote:
      That's a good - well, interesting - argument for not fixing a standards-incompliant piece of software.  It leaves open the question "why didn't they make it standards-compliant in the first place?"


      Usually because the 'standard' was written after the design was frozen.

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.