Reply to post: Re: Might be a good plan but....

Comments considered harmful: WordPress web hijack bug revealed

Anonymous Coward
Anonymous Coward

Re: Might be a good plan but....

Indeed… I think something like Google's Project Zero is closer to the mark. Vendor is contacted, a period is given to come up with a fix, then the bug is publicised after a fixed period.

Maybe have the ability to extend it by a maximum of a month if the vendor negotiates it. (That's where they went wrong in the case of Microsoft recently.)

If you report something, then don't hear from the vendor, I think it reasonable to go public with the details, and 14 months is more than long enough!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022