[attrition] Survey on Vuln Disclosure: Request for Participation

[security curmudgeon]

If you are interested in vulnerability disclosure, work in the security 
field, or administrate computers for your company, it would be great to 
help Rick Forno with his project.


---------- Forwarded message ----------
From: Richard Forno <rforno at infowarrior.org>
Date: Thu, 05 Jan 2006 14:29:05 -0500
Subject: Survey on Vuln Disclosure: Request for Participation

As part of my doctoral studies, I am seeking community input regarding how 
secrecy and openness can be balanced in the analysis and alerting of 
security vulnerabilities to protect critical national infrastructures. To 
answer this question, my thesis is investigating:

1.  How vulnerabilities are analyzed, understood and managed throughout 
the vulnerability lifecycle process.

2.  The ways that the critical infrastructure security community interact 
to exchange security-related information and the outcome of such 
interactions to date.

3.  The nature of and influences upon collaboration and 
information-sharing within the critical infrastructure protection 
community, particularly those handling internet security concerns.

4.  The relationship between secrecy and openness in providing and 
exchanging security-related information.

The survey is located at http://www.infowarrior.org/survey.html and should 
take 10-15 minutes to complete. Participation is both voluntary and 
anonymous. Thank you for your help with this endeavor, and for helping 
distribute this request for participation to other interested 
parties/lists.

Thanks again for your help,

Rick
-infowarrior.org