As a hosting company, we manage a complex software stack on behalf of our clients, and we need to know that we have the most up-to-date information about potential vulnerabilities in order to keep our clients safe.
Southfield, MI (PRWEB) September 21, 2015
Future Hosting, a specialized VPS, application, and dedicated server hosting provider, has announced its support of the responsible disclosure of security vulnerabilities. The company's public statement of support for responsible disclosure was prompted by the recent announcement of multi-stakeholder talks arranged by the National Telecommunications And Information Administration — part of the United States Department Of Commerce — that will bring together security researchers and software developers to discuss issues surrounding the disclosure of security vulnerabilities.
Responsible disclosure — the disclosure of vulnerability details after an agreed period of time has elapsed to allow developers to create and distribute patches — helps prevent a reliance on ineffective "security by obscurity" approaches in which software creators attempt to avoid implementing fixes, instead hoping that they will not be discovered and exploited by malicious individuals.
“We support responsible disclosure because it helps align the interests of software developers with users,” said Maulesh Patel, VP of Operations of Future Hosting, “Security researchers should, of course, give developers a reasonable amount of time to create patches and fix vulnerabilities, but if they appear unwilling or unable to do so, it's important that users of the software can make an informed choice about the risks. As a hosting company, we manage a complex software stack on behalf of our clients, and we need to know that we have the most up-to-date information about potential vulnerabilities in order to keep our clients safe.”
Software of any complexity is prone to vulnerabilities. Mistakes made by developers lead to security vulnerabilities that can be exploited by criminals and other malicious third-parties to extract sensitive data or take control of computer systems. Developers of software are occasionally not motivated to fix such vulnerabilities, preferring instead to limit knowledge of the vulnerabilities through legal action and other forms of coercion directed towards security researchers.
In some cases, while vulnerability disclosure does increase the short-term risk to users — malefactors are likely to use the disclosed vulnerabilities — it also helps incentivize companies to implement fixes in software that would otherwise remain vulnerable because the developers consider removing the vulnerability to be technically or economically difficult.
About Future Hosting, LLC
Founded in 2001, Future Hosting is a privately held leading Internet solutions provider specializing in managed hosting, including Dedicated Servers, Virtual Private Servers, and Hybrid Virtual Private Servers. The company has built a strong reputation for its high-quality service, innovative pricing models, and 3-hour Service Level Agreement. Future Hosting is based in Southfield, Michigan. For more information, visit http://www.futurehosting.com