Opening up the Security Strategy Working Group
Posted by Craig H on 6 November 2009
We’ve been trying to get a Security Strategy Working Group going, and thus far it hasn’t really taken off. Chatting with various people about this, we’ve decided that, following Symbian’s principles of open governance, we should be brave and open the discussions to the world at large.
Do please note that this is not a commitment to full disclosure of unfixed security vulnerabilities; the point of this working group is, among other things, to discuss what the right policy should be for dealing with vulnerabilities. I (Craig) favour responsible disclosure, but that’s up for discussion.
If you have an opinion on the work items (and you really should, they will affect device manufacturers, security researchers, network operators, package owners and committers, security tools vendors and anyone who even uses a Symbian Platform device) then please sign up for the mailing list!