- Original Poster
- #1
Dear all
I've worked with a commercial computer software product suite for 15 years. I know it well. I was told to "shut up" about certain features known only to the deeply technical/implementers. The reason I mentioned these features was to give the customer a chance to execute a security review and change the implementation strategy.
I know this product is implemented at customer sites which do not have knowledge about the features - as such they are vulnerable - in the sense that if they hired a "bad egg" they could get access to information and be able to cover their tracks.
My question is: Is it wreckless of me to pubish on my blog details of how to identify the system vulnerabilities (i.e. educate a hacker) or should the world know about it so they can implement the system more securely?
Thanks
I've worked with a commercial computer software product suite for 15 years. I know it well. I was told to "shut up" about certain features known only to the deeply technical/implementers. The reason I mentioned these features was to give the customer a chance to execute a security review and change the implementation strategy.
I know this product is implemented at customer sites which do not have knowledge about the features - as such they are vulnerable - in the sense that if they hired a "bad egg" they could get access to information and be able to cover their tracks.
My question is: Is it wreckless of me to pubish on my blog details of how to identify the system vulnerabilities (i.e. educate a hacker) or should the world know about it so they can implement the system more securely?
Thanks
