Indeed, many vendors, network administrators and security companies adopt a policy of less-is-more when it comes to the question of how much information to release to the public about a particular software bug, exploit or attack. . . .
Indeed, many vendors, network administrators and security companies adopt a policy of less-is-more when it comes to the question of how much information to release to the public about a particular software bug, exploit or attack.

The reasoning goes something like this: If they release too many details, not only will they give hackers more ammunition for their attacks, but also -- and more importantly for the vendor whose software or standard was breached -- they'll open themselves up to public scrutiny and criticism.

Microsoft Corp., for example, is notoriously tight-lipped about security flaws in its products, but usually takes a beating in the press nonetheless any time a bug is found.

The link for this article located at ZDNet / eWeek is no longer available.