RealTime IT News

Full-Disclosure is No More

Why is Full-Disclosure shutting down?

The whole point of the Full-Disclosure mailing list by definition is full disclosure about security vulnerabilities, which can sometimes be a dicey issue. There is a right and a wrong way to do disclosure, and I've long been of the opinion that vendors should always be notified first and given some time to respond. That's just fair. I had long suspected that at some point a vendor would claim it wasn't contacted or given enough time, and that would trigger some form of legal request for Full-Disclosure's shutdown. In his final Full-Disclosure posting, Cartwright wrote that he too had thought the end would likely come from some kind of vendor request.

The end of Full-Disclosure, however, is not coming because of a vendor request. Surprisingly, it's coming because of a security researcher.

Read the full story at eWEEK:
Full-Disclosure Mailing List Shuts Down

Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.