Full disclosure movement
|
Many hackers believe that posting working code taking advantage of vulnerabilities in a popular program or system will hasten the developers' release of an update or a patch to correct the issue. In some cases, a hacker or cracker may release an easy to use trojan or virus as a proof-of-concept.
A lot of the time, the hacker will give developers some time to fix problems and issue patches before full disclosure. This time is usually a short period, and it is rarely extended. Depending on the problem, various periods are given to the developers. A few days to around a week is considered a good deadline in case of most simple problems (buffer overflows etc.); longer time is given if the problem is particularly deep.