How not to respond to security issues

Aug.15, 2009 in Security, Short newslinks

Wat is the worst response you can give when someone alerts you about a security issue in your software? I can almost hear you thinking: “waiting two years to fix it“, but there is an even worse response. Some companies just simple don’t respond at all. Simply amazing…

After verifying the issue we contacted the company in several ways, emailing several addresses, but failed to “reach” anyone. We received several automated responses, and even our inquiry to their sales emails, returned nothing, are we missing something?

So, if anyone from Invision Power is reading this: you might want to contact noamr[at]beyondsecurity.com.

« Squirrelmail plugins altered by hackers

Palm defends tracking Pre user locations »

Comments (1)

One Comment on “How not to respond to security issues”

Tee
August 18th, 2009 at 11:12 pm
Are you sending the e-mails to the right address? I’ve been an IPS customer for YEARS, and they have always promptly replied to my e-mails.

Welcome!

Use the links below to navigate this site.
If you have any suggestions for improving this site, feel free to let me know at mar...@securityandthe.net, or leave a comment on the site.

Recent posts
Categories
- Apple (24)
- General (51)
- Howto's (3)
- Humor (4)
- News (103)
- Security (99)
- Short newslinks (67)
- Spammers (8)
Archives
- October 2009 (1)
- September 2009 (4)
- August 2009 (4)
- July 2009 (4)
- June 2009 (12)
- May 2009 (8)
- April 2009 (14)
- March 2009 (7)
- February 2009 (17)
- January 2009 (9)
- December 2008 (18)
- November 2008 (24)
Blogroll

Security and the Net

News and opinions about security, the internet and more