BYU logo Computer Science
CS 465 Introduction to Security and Privacy

Ethics and Vulnerability Disclosure

When a researcher finds a vulnerability, they typically go through a disclosure process to report the bug and give the affected products time to be patched before they publicize the vulnerability.

For this assignment, write a 2-page paper explaining the ethical principles that are used to guide a disclosure process.

  • Start by learning about vulnerability disclosure and how it operates. Look for resources that explain the ethics of vulnerability disclosure. There is no definitive list or approach, so consult multiple sources and gather as many unique viewpoints as you can find. Consider responsibilities of companies as well as those who find the vulnerability. Take notes as you do this research.

  • Next, consider a variety of gospel resources, including the scriptures and general conference talks. Do these principles echo or strengthen principles followed in industry? Does the gospel suggest any additional principles that a disclosure process should follow? Again, take notes as you do this research.

  • Finally, write a 2-page paper that summarizes what you know about how the vulnerability disclosure process works, the ethical principles that should guide both individuals and companies, and how the gospel relates to these principles.

  • Be sure to cite all of your sources. You can do this with endnotes.

Discussion

You are welcome to discuss what you have learned with others in the class, but you should write your own paper.

Turn in

A 2 page, single-spaced paper, with 1-inch margins.

Grading

Full credit for papers that are 1.5 pages or longer, follow the formatting requirements, and deeply engage with the subject.