[VIM] Legal Threats to Take Down Vulnerability Entries
jericho
jericho at attrition.org
Fri Aug 7 11:16:23 CDT 2015
: Once in a while we receive legal threats by vendors, pr companies and
: lawyers to take down vulnerability entries published in our public
: database. The reasons are usually:
We have in the past, but it has been some time since we received a
veiled or "real" legal threat (meaning it was just email saying they would
sue if we didn't do what they want).
: The disputed entries are usually not only available at our database.
: Other vulnerability databases and ressources (news, mailinglists,
: bugtracking system) are usually mentioning the issues too.
I always point out that the information is in other VDBs, as well as the
original disclosure point, which is often mirrored on a half dozen blogs
now.
: How do you react regarding such kind of inquiries?
In no uncertain terms, we tell them to fuck off.
More information about the VIM
mailing list