Friday, August 26, 2016

The Unintended Consequences of Software Liabilities


People love the idea of holding software company's feet to the fire when it comes to security. You hear a lot about software liabilities, how "inevitable" they are for example, at CFR meetings or other policy forums. You hear about mandatory FDA-enforced or Commerce enforced recalls for cars or other IoT devices with software vulnerabilities.

But if you do that, you make it so every hacker in the world can figure out the cost of a disclosed vulnerability, which means shorting stock becomes the best bug bounty in the world. "Why not just control all vulnerability disclosure?" the policy makers then say. Fantastic idea. I wonder if THAT will have any unintended consequences?


  1. He also discussed how "deep learning" may change how we consider IP, field service software 

  2. Thanks for taking the time to that, I feel strongly about this and so really like getting to know more on this kind of field. Do you mind updating your blog post with additional insight? It should be really useful for all of us. antivirus panda

  3. Just admiring your work and wondering how managed this blog so well. It’s so remarkable that I can't afford to not go through this valuable information whenever I surf the internet!blue iris software