Being an advocate of nondisclosure (actually non-discovery) of vulnerabilities, I am often derided as essentially being complacent - you know, having my "head in the sand". It is surprising how many people are ostriches of another kind: those who are happily ignorant of all the "other vulnerabilities" that exist and yet aren't disclosed.
At least I advocate equal rights for vulnerabilities. (Well, not really, but that is a different story and this is intended to be mildly funny.)
Rather than advocating equal treatment of any vulnerability, you appear to be advocating the enforcement of equal outcomes for all vulnerabilities regardless of the circumstances.
Having seen full- versus non- versus *-disclosure debated endlessly (and fruitlessly) for the last 10+ years I'll spare your readers my own opinions on this subject.
Posted by: Josh Daymont | May 03, 2006 at 10:44 AM