← Back to context

Comment by abcdef123xyz123

8 years ago

OpenBSD has never disobeyed an embargo. Argued for them to be reduced, criticized them, but not disobeyed them.

3 comments

abcdef123xyz123

Reply
DannyBee  8 years ago

i'm pretty sure this is not true: The most recent example i remember is: https://lobste.rs/s/dwzplh/krack_attacks_breaking_wpa2#c_pbh...

  • capt8bit  8 years ago

    This is common misinformation. Even in this case, OpenBSD did not break the embargo. After protesting, they received the permission of the researcher to publish:

      Note that I wrote and included a suggested diff for OpenBSD already, and that
  at the time the tentative disclosure deadline was around the end of August. As
  a compromise, I allowed them to silently patch the vulnerability.

    (https://www.krackattacks.com/#openbsd)