|
Responsible disclosure practices
As FRC's control system moves towards popular technologies, it seems inevitable that security vulnerabilities will be discovered in components of the FRC control system. If someone were to find a software vulnerability somewhere in the FRC control system, what's the procedure to responsibly disclose it to FIRST and allow ample time for patching before public disclosure? Previous exploits have been demonstrated against FMS publicly (you may recall the 2012 Einstein incident), and I think it would be a good idea if FIRST had some clear policy laid out so people don't resort to demonstrating exploits live.
__________________
2014 Waterloo Regional Winner (254 & 2056)
2014 Curie Semifinalist (118, 359 & 4334)
2014 Fall Fiesta Finalist (2056, 4476)
6 X Gracious Professionalism Award Winner
|
Heck, every human being has the potential to change the world, as long as the world still exists. - [more] 
Threaded Mode