A MIsguided Attempt at Reducing Security

Full Disclosure: imageshack – pwned for anti-sec..

They also hit an outfit called SSANZ.

Full-Disclosure is not meant to make money.  If full disclosure did not exist many security issues would never be known by anyone except the bad buys.  Companies like Microsoft would never have had to refocus on the lack of security of their products and would never have made the improvments they have.

Some vendors are only moved by full disclosure…some will move if you contact them first.  Others like Microsoft only would move if you disclosed publicly first.  I think full disclosure is a good thing and has enchanced the overall security of the entire software industry.  Just because some “security” vendors have misused full disclosure to profit does not mean full disclosure is a total bad thing.  I think anti-sec is on the wrong side of the wall here.