Brian Krebs has published his interview with Evgeny Legerov, the founder of Moscow based Intevydis on his new blog KrebsOnSecurity.
Legerov,
“After working with the vendors long enough, we’ve come to conclusion that, to put it simply, it is a waste of time. Now, we do not contact with vendors and do not support so-called ‘responsible disclosure’ policy,†Legerov said. For example, he said, “there will be published two years old Realplayer vulnerability soon, which we handled in a responsible way [and] contacted with a vendor.â€
Article here
Graham Cluley- Sophos: Irresponsible disclosure? That’s a big fat zero
