=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/Attic/press.html,v retrieving revision 1.467 retrieving revision 1.468 diff -c -r1.467 -r1.468 *** www/Attic/press.html 2005/07/07 09:07:19 1.467 --- www/Attic/press.html 2005/07/07 16:18:45 1.468 *************** *** 69,75 **** --- 69,94 ----

June, 2005

+ + The true cost of computer crime, + EurekAlert / New Scientist Magazine, + issue June 25, 2005
+ This article looks at computer crime, especially the way upcoming + vulnerability reports are dealt with. It also gives a short overview of the + different institutions involved in the process (vendors, free projects, CERTs). +
+ The author mentions the work of Andy Ozment, who researches vulnerability + disclosure at the University of Cambridge. Using OpenBSD as a good example + of how disclosure and consequent fixing of bugs helps to strengthen security, + he refutes the widely spread FUD that disclosing vulnerabilities leads to + more harm than good. Ozment's methodology was to examine OpenBSD's CVS logs + and noting when fixes were published; his research shows that + "the number of vulnerabilities decreases as a result of disclosure". +
+ +
Free Bird, Forbes, June 16, 2005
*************** *** 4847,4853 ****
www@openbsd.org !
$OpenBSD: press.html,v 1.467 2005/07/07 09:07:19 grunk Exp $ --- 4866,4872 ----
www@openbsd.org !
$OpenBSD: press.html,v 1.468 2005/07/07 16:18:45 grunk Exp $