Really amusing considering our current discussions:

How to Handle Security Problems in Your Products

This is from Thomas H. Ptacek who’s blogging at I’m not sure how old it is.

Ptacek seems to think I’m smart (which I’ll never argue with) but have nothing new to say on disclosure. He’s probably right, but since we still don’t have industry consensus around disclosure there’s still words to be written, and old thoughts to be repackaged in new ways. This is a pretty old debate; one where I don’t expect resolution just because Pete Lindstrom, Ptacek, myself, or anyone else drops some blog posts. There’s just too many competing interests…