full disclosure has definitely become more domesticated

Jeremiah Grossman has written about how Full Disclosure is dead. Good article, and some interesting comments on his blog.

Is FD dead? Well, not really, but even as attackers have criminalized to realize profit, so too have “researchers” grown up and realized they can get jobs doing this fun hacking stuff. With jobs comes some professional integrity, maybe not just with proper disclosure, but with not getting into legal trouble and becoming the next rogue IT admin plastered around the presses. Heck, some of these guys get jobs for their silent disclosures, or money for reporting them and shutting up (a sort of legalized form of extortion or ridiculously cheap labor, take your pick).

We can also see this with far fewer people hiding behind aliases, and likewise the number of hobbyist security persons.

Is FD dead? I don’t think so, but the pool of people who *can* provide FD has greatly diminished. Should FD die? No, because in many cases I prefer FD to staying hidden in the darkness of naivety. We certainly need it, and if FD does ever appear to die, I’ll be willing to bet yet another cyclical counter-counter…counter-culture will emerge fighting against The System and not playing as complacently as the rest of us aging geeks are doing.