1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

EFF questions US government's software flaw disclosure policy

Discussion in 'Network World' started by RSS, Mar 31, 2015.

  1. RSS

    RSS New Member Member

    It’s not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation.

    The digital watchdog said on Monday it received a handful of heavily redacted documents from the Office of the Director of National Intelligence (ODNI), which it sued last July after it and the National Security Agency moved too slowly on a Freedom of Information Act (FOIA) request.

    Last year, the EFF sought documents related to the U.S. government’s efforts to beef up its Vulnerability Equities Process (VEP), a framework for notifying companies about zero-day vulnerabilities.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page