This is regarding the Microsoft Security Response Center (A)" Case
- What are the main issues surrounding this case?
- Who are the main stakeholders that Culp should be concerned with?
- Identify and prioritize the issues that Culp should be concerned with and develop a plan of action and a timeline
- Not all hackers are as ethical as CyP. How do you reward him/her and encourage that behavior?
- The public blames software companies for developing programs with vulnerabilities and then taking so long to provide solutions for vulnerabilities.
- Should the companies take more time to develop software (to make sure that it is not vulnerable)?
- What are the arguments for or against providing source code to the public (e.g., Linux)?
- Public perception (and confidence) is integral to sales. How can the information be released to the public without provoking the thought, "How many other vulnerabilities like this are there in other products?" Does the public have to know about the potential extent of the vulnerability?