• DocumentCode
    274848
  • Title

    Telling the goodguys: disseminating information on security holes

  • Author

    Stoll, Cliff

  • Author_Institution
    Harvard-Smithsonian Obs., Cambridge, MA, USA
  • fYear
    1988
  • fDate
    12-16 Dec 1988
  • Firstpage
    216
  • Lastpage
    218
  • Abstract
    The author discusses what should be done by a software vendor when the product has a security flaw. One alternative, which the author discounts, is to hide the problem and hope it will not be discovered. The alternative, favored by the author, is to widely publicize the patch, hoping that `badguys´ will not reverse engineer it to discover the hole. Several variations are proposed, including distributing an encrypted version of the patch and later publicizing the keyword, and distributing the patch as or on a benign virus
  • Keywords
    DP industry; computer software; information dissemination; security of data; benign virus; encrypted version; keyword; patch; security flaw; security holes; software vendor; Astrophysics; Books; Communication system security; Computer bugs; Computer viruses; Information security; Observatories; Reverse engineering; Software systems; Testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Aerospace Computer Security Applications Conference, 1988., Fourth
  • Conference_Location
    Orlando, FL
  • Print_ISBN
    0-8186-0895-1
  • Type

    conf

  • DOI
    10.1109/ACSAC.1988.113444
  • Filename
    113444
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=274848