No Home for Insecurity
The House of Representatives earlier this month approved the "Cyber Vulnerability Disclosure Reporting Act," to ensure that the Department of Homeland Security tells elected officials about its policies and procedures for bug reporting.
OK, Homeland (in)Security will tell us about its reporting practices, which means nothing. Headline: Government's Most Useless Agency Takes Lead Reporting Nothing.
No, what's needed is not more hand-wringing and angsty looks, but to simply throw out this embargo business altogether. You got a security leak? It hits the news. You got a database hack? It hits the news. You got bug X? Same deal, news.
In theory, hackers will exploit everything. Well, aren't they doing that now?
Biting the hand that feeds IT
