Forgot your password?
typodupeerror
Google

+ - Ormandy gave Microsoft 60 days, not 5 1

Submitted by AlgorithMan
AlgorithMan (937244) writes "We recently discussed the disclosure of an exploit for Windows-XP by Google engineer Tavis Ormandy only 5 days after notifying Microsoft about it. Many called his action irresponsible and even criminal, especially since the exploit is actively attacked. It turns out he gave them 60 days, not 5! In this regard I might add that many people seem to think "zero-day" was a synonymous for "exploit". It is not. If anything, it would have been a "five-day"."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ormandy gave Microsoft 60 days, not 5

Comments Filter:
  • We recently discussed the disclosure of an exploit for Windows-XP by Google engineer Tavis Ormandy only 5 days after notifying Microsoft about it.

    It turns out he gave them 60 days, not 5!

    The second part appears to attempt to correct misinformation in the first part. However, the first part is accurate. Tavis didn't "give" 60 days. He demanded commitment to 60 days, didn't get it, and went "5 days it is then".

Premature optimization is the root of all evil. -- D.E. Knuth

Working...