===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/Attic/press.html,v
retrieving revision 1.467
retrieving revision 1.468
diff -c -r1.467 -r1.468
*** www/Attic/press.html 2005/07/07 09:07:19 1.467
--- www/Attic/press.html 2005/07/07 16:18:45 1.468
***************
*** 69,75 ****
--- 69,94 ----
June, 2005
+
-
+
+ The true cost of computer crime,
+ EurekAlert / New Scientist Magazine,
+ issue June 25, 2005
+ This article looks at computer crime, especially the way upcoming
+ vulnerability reports are dealt with. It also gives a short overview of the
+ different institutions involved in the process (vendors, free projects, CERTs).
+
+ The author mentions the work of Andy Ozment, who researches vulnerability
+ disclosure at the University of Cambridge. Using OpenBSD as a good example
+ of how disclosure and consequent fixing of bugs helps to strengthen security,
+ he refutes the widely spread FUD that disclosing vulnerabilities leads to
+ more harm than good. Ozment's methodology was to examine OpenBSD's CVS logs
+ and noting when fixes were published; his research shows that
+ "the number of vulnerabilities decreases as a result of disclosure".
+
+
+
-
Free Bird,
Forbes, June 16, 2005
***************
*** 4847,4853 ****
www@openbsd.org
!
$OpenBSD: press.html,v 1.467 2005/07/07 09:07:19 grunk Exp $