Microsoft seems to finally be caving on the idea of security through obscurity. No, it's software isn't being open-sourced, but it is creating a public forum in which to discuss its security research and patch management process. The Microsoft Security Vulnerability Research and Defense blog is designed to "provide more information about Microsoft vulnerabilities, mitigations and workarounds, and active attacks."
Doesn't Microsoft already do this? Well, yes. Sort of. But the blog--which is maintained by what appears to be Microsoft's top security people--is meant to give a deeper look into how it … Read more