Full disclosure requires that full details of a security vulnerability are disclosed to the public, including details of the vulnerability and how to detect and exploit it. The theory behind full disclosure is that releasing vulnerability information immediately results in quicker fixes and better security. Fixes are produced faster because vendors and authors are forced to respond in order to protect their system from potential attacks as well as to protect their own image. Security is improved because the window of exposure, the amount of time the vulnerability is open to attack, is reduced. A guest speaker will be joining us to discuss full, limited, and responsible disclosure along with the various contraversies that surround the subject. Should researchers agree to the timelines set up by vendors for fixes and patches? What happens when a vendor refuses to come to an agreement? This talk will set the tone for conversations in ethics of disclosure and the sales of 0days in the underground.
There will also be a GNOME 3 launch party showing off some of the modern desktop’s latest features.
More presentations to be announced.
Date: Saturday, June, 4th, 2011.
Location: Miami Shared
990 Biscayne Blvd, #501
Miami, FL 33132