[liberationtech] Responsible Disclosure on (Recent Malware in Syria)

Collin Anderson collin at averysmallbird.com
Thu Mar 15 18:53:34 PDT 2012 

Security-minded colleagues,

While policy and practice on disclosure of hardware and software-level
vulnerabilities appears to be a well-trodden path, there is a dearth of
discussion concerning responsible documentation and publication of active
security threats to populations. With the opportunity to reconcile
disparate research efforts, there is also a teachable moment to share
standards of practice and ethnical principles.

I would appreciate any links, documents, etc that others have to share on
the matter.

Cordially,
Collin


On Thu, Mar 15, 2012 at 10:34 AM, Rafal Rohozinski
<r.rohozinski at psiphon.ca>wrote:

> There is a CS  malware working group that's been established. Secdev is
> involved (via  freedom house supported project) and membership in the
> working group overlaps with several other groups working in this area
> including those you listed. The Citizen Lab also has a malware research
> project that is working on targeted malware attacks that includes Syria.
>
> Rafal
>
>
> Sent from my PsiPhone
>
> On 2012-03-15, at 10:21 AM, Andrew Lewis <lta893 at gmail.com> wrote:
>
> > It looks like at least Telecomix, Torproject and EFF are working on the
> recent threats to come out of Syria, is there anyone else looking into it
> besides them? It may also make sense to combine efforts in some way.
> >
> > -Andrew
> > _______________________________________________
> > liberationtech mailing list
> > liberationtech at lists.stanford.edu
> >
> > Should you need to change your subscription options, please go to:
> >
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
> > If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> digest?"
> >
> > You will need the user name and password you receive from the list
> moderator in monthly reminders. You may ask for a reminder here:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
> > Should you need immediate assistance, please contact the list moderator.
> >
> > Please don't forget to follow us on http://twitter.com/#!/Liberationtech
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
>
> Should you need to change your subscription options, please go to:
>
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> digest?"
>
> You will need the user name and password you receive from the list
> moderator in monthly reminders. You may ask for a reminder here:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> Should you need immediate assistance, please contact the list moderator.
>
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>



-- 
*Collin David Anderson*
averysmallbird.com | @cda | Washington, D.C.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120315/717d9969/attachment.html>

More information about the liberationtech mailing list