How we found a vulnerability in IBM's backup product - the workaround and a bit about the Responsible Disclosure process

A few months back, my good friend Flemming Riis  and I found a fundamental security vulnerability in the IBM Tivoli Storage Manager (TSM) client, while researching IBM TSM’s handling of authentication ("Node ID" and "Node Password") and unsafe implementations of TSM, wh