Microsoft to Introduce Faster Security Disclosures

Starwax writes "Here's a very interesting strategy by Microsoft. After years of complaining about irresponsible disclosure of security alerts by grey hats, Microsoft will now confirm and discuss the vulnerabilities in a new pilot project launching on Tuesday. Advisories will be issued within one business day of a publicly reported security hole along with guidance and mitigation."

Re:i hate to sound like a total dunce

[YouCanCallMeAl]

Gray Hat [wikipedia.org] Somewhere between a "good guy" and a "bad guy" in terms of computer security.

Re:i hate to sound like a total dunce

[m50d]

A hacker/cracker who does illegal stuff but not unethical things.

From wikipedia...

[gahzinia]

http://en.wikipedia.org/wiki/Gray_hat [wikipedia.org]

In the computer security community, a "Gray hat" is a skilled hacker who sometimes acts legally and in good will and sometimes not. They are a hybrid between white and black hat hackers. They hack for no personal gain, and do not have malicious intentions, but commit crimes. For example, attacking corporate businesses with unethical practices could be regarded as highly ethical and yet would normally be tagged with the title of Blackhat activity. However, to a Gray hat, it may not appear bad even though it is against that local law. So instead of tagging it Black hat, it is a Gray hat hack.