===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/Attic/press.html,v
retrieving revision 1.467
retrieving revision 1.468
diff -u -r1.467 -r1.468
--- www/Attic/press.html 2005/07/07 09:07:19 1.467
+++ www/Attic/press.html 2005/07/07 16:18:45 1.468
@@ -69,7 +69,26 @@
June, 2005
+
-
+
+The true cost of computer crime,
+EurekAlert / New Scientist Magazine,
+issue June 25, 2005
+This article looks at computer crime, especially the way upcoming
+vulnerability reports are dealt with. It also gives a short overview of the
+different institutions involved in the process (vendors, free projects, CERTs).
+
+The author mentions the work of Andy Ozment, who researches vulnerability
+disclosure at the University of Cambridge. Using OpenBSD as a good example
+of how disclosure and consequent fixing of bugs helps to strengthen security,
+he refutes the widely spread FUD that disclosing vulnerabilities leads to
+more harm than good. Ozment's methodology was to examine OpenBSD's CVS logs
+and noting when fixes were published; his research shows that
+"the number of vulnerabilities decreases as a result of disclosure".
+
+
+
-
Free Bird,
Forbes, June 16, 2005
@@ -4847,7 +4866,7 @@
www@openbsd.org
-
$OpenBSD: press.html,v 1.467 2005/07/07 09:07:19 grunk Exp $
+
$OpenBSD: press.html,v 1.468 2005/07/07 16:18:45 grunk Exp $