Ethics
Differing views surround the collection and use of zero-day vulnerability information. Many computer security vendors perform research on zero-day vulnerabilities in order to better understand the nature of vulnerabilities and their exploitation by individuals, computer worms and viruses. Alternatively, some vendors purchase vulnerabilities to augment their research capacity. An example of such a program is TippingPoint's Zero Day Initiative. While selling and buying these vulnerabilities is not technically illegal in most parts of the world, there is much controversy over the method of disclosure. A recent German decision to include Article 6 of the Convention on Cybercrime and the EU Framework Decision on Attacks against Information Systems may make selling or even manufacturing vulnerabilities illegal.
Most formal efforts follow some form of RFPolicy disclosure guidelines or the more recent OIS Guidelines for Security Vulnerability Reporting and Response. In general these rules forbid the public disclosure of vulnerabilities without notification to the developer and adequate time to produce a patch.
Read more about this topic: Zero-day Attack
Famous quotes containing the word ethics:
“Such is the brutalization of commercial ethics in this country that no one can feel anything more delicate than the velvet touch of a soft buck.”
—Raymond Chandler (1888–1959)
“The most powerful lessons about ethics and morality do not come from school discussions or classes in character building. They come from family life where people treat one another with respect, consideration, and love.”
—Neil Kurshan (20th century)
“In history the great moment is, when the savage is just ceasing to be a savage, with all his hairy Pelasgic strength directed on his opening sense of beauty;—and you have Pericles and Phidias,—and not yet passed over into the Corinthian civility. Everything good in nature and in the world is in that moment of transition, when the swarthy juices still flow plentifully from nature, but their astrigency or acridity is got out by ethics and humanity.”
—Ralph Waldo Emerson (1803–1882)