On Apr 21, 1:00, firewalls-digest-owner @
> As I too have seen, this does normally tend to be the case. Or a
> comparable situation would be that we eventually do learn a good deal
> about a hole, but months after the 'black hat' people do. This is due to
> the perceived damage control that these organizations and individuals
> believe they are doing by preventing the further spreading of info about
> the hole.
There's also the matter of liability -- nobody wants to be sued for
revealing to the intruder community a security hole later exploited to
<insert something nasty here>.
au | Garth Kidd
+61-8-207-7740 (voice) | Network Services Branch
+61-8-207-7860 (fax) | Southern Systems
| Adelaide, AUSTRALIA