> I think that the biggest pro of full disclosure, is that it get's people > off their butts and gets a good solution or patch that much faster. I have yet to see evidence of this. Based on my conversations with personnel at various computer companies, the only thing full disclosure seems to do is (sometimes) encourage them to release bug fixes without quite as much testing. This sometimes leads to patches that don't completely fix the problem. That is not a "good solution." If anyone can provide me with verifiable evidence that full disclosure results in faster production of patches of good quality, I would be very interested in seeing it. Otherwise, it's just wishful thinking. --spaf