Letter

Letter to Tech Companies on Meltdown and Spectre Vulnerabilities


01.24.18

Excerpt: “While we acknowledge that critical vulnerabilities such as these create challenging trade-offs between disclosure and secrecy, as premature disclosure may give malicious actors time to exploit the vulnerabilities before mitigations are developed and deployed, we believe that this situation has shown the need for additional scrutiny regarding multi-party coordinated vulnerability disclosures. As demonstrated by numerous incidents over the past several years, cybersecurity is a collective responsibility. Further, it is a responsibility that is no longer limited solely to the information technology sector; connected products exist in electric grids, hospitals, manufacturing equipment, and in innumerable other sectors.”

Click here to read the full letters online.

Letter