If a hardware or software maker finds a vulnerability in one of its products, how should it respond?
ANSWER PART 1 AND PART 2 BRIEFLY:
4. the person who wrote the portion of OpenSSL code containing the Heartbleed vulnerability said the error slipped through because there weren’t enough eyes looking at the code for possible errors. Because OpenSSL is open source, could a shortage of paid code checkers mean there might be more errors like Heartbleed. Why?
5. If a hardware or software maker finds a vulnerability in one of its products, how should it respond? Does it have a legal responsibility to warn its users? Does it have an ethical responsibility to do so? Why or Why not?
Is it spying or just good management?
You can use the following questions as a guide for your posts. You don’t need to follow them verbatim and feel free to add any additional thoughts you may have. (bonus points)
Is it legal for employers to use these types of monitoring techniques? How do you feel about the ethics of employers using these techniques?
What are your feelings about having your communications monitored as an employee? Do you think you would use these techniques as a manager? Are there any situations it would be absolutely necessary to use these techniques?
Free packet sniffing software can be found at www.wireshark.com