This Is Why You Don't Punish The Messenger On Security Vulnerabilities
from the solve-the-vulnerability-at-least dept
Over the past few years, we’ve pointed to case after case after case after case after case after case of those who pointed out security vulnerabilities being attacked or blamed for the vulnerability. It’s true that sometimes the “researchers” go too far — but the important point is that security vulnerability get fixed. Instead, it’s much easier to simply blame the messenger. Now, with all of the talk about hackers breaking into and taking data from Ohio University computers, Jon has submitted a story reminding everyone how it was just a few years ago that Ohio University was busy blaming the messenger for pointing out how weak the school’s computer security was. Apparently, in the rush to blame and bury the guy, no one actually thought about fixing and protecting their computer system.