Full Disclosure

In the (distant) past, people who found vulnerabilities reported them discretely to the vendors.
- No fixes at all, or not in a timely manner.
- The "Black Hat" community still knew of problems.
- Problems were never patched.
The “Full Disclosure” movement.
- Vulnerabilities are reported, but then disclosed to the public.
- The negative PR usually forces the vendor to patch.
Master key vulnerability – modern example.

In the (distant) past, people who found vulnerabilities reported them discretely to the vendors.