I started doing this so as to categorically reject patching, hidden bug databases, and other reactive measures as security features.
In particular, instead of paying Red Hat (et al.) to do patching & bugzilla, we now urge people to contribute to preventative work.
-
woah! That's super cool, thanks for sharing!
-
I recommend you look at, say, the Firefox bug database and compare the avg. time-to-fix for “responsibly-disclosed” vs “0-day” bugs.
-
not knowing how to navigate bugzilla at all, I will go ahead and guess the pub ones get fixed sooner