Friday, December 7, 2007

Vendors Still Use the Legal Weapon to Hide Vulnerabilities

Via Secunia Blog -

In these days, one would have believed that vendors have learned the lesson not to threaten with legal actions to withhold and suppress significant information about vulnerabilities in their products.

Well, nonetheless, Secunia just received a sequel of letters from Autonomy, likely not known to many, but it is the software company that supplies the "Swiss Army Knife" in handling and opening documents in well known software like IBM Lotus Notes and Symantec Mail Security.

...

Despite Autonomy's unsubstantiated legal threats, Secunia will quite legally continue to do vulnerability research in Autonomy products and any other products of interest. Naturally, Secunia will also continue to publish research articles and advisories in an unbiased, balanced, accurate, and truthful manner as we serve one purpose only: To provide accurate and reliable Vulnerability Intelligence to our customers and the Internet in general.

Secunia is in continuous, ongoing, and positive dialogues with most vendors including large professional organisations like Microsoft, IBM, Adobe, Symantec, Novell, Apple, and CA. All understand and respect the need for informing the public about vulnerabilities and prefer to co-ordinate and synchronise the publication with important Vulnerability Intelligence sources such as Secunia rather than battling to keep things secret. It is truly sad to see that certain vendors like Autonomy still behave like many software vendors did back in the previous millennium.

Copies of all correspondence in this "matter" are available below in chronological order, enjoy:
1. Email from Secunia 20071128.pdf
2. Letter from Autonomy 20071202.pdf
3. Email from Secunia 20071203.pdf
5. Letter from Autonomy 20071203.pdf
4. Email from Secunia 20071204.pdf
6. Letter from Autonomy 20071205.pdf

-------------------

Sounds like Autonomy is joining Apple in the tight lip security communication club, but I believe that club is on a path of self-destruction.
