At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes): https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html …
Odgovor korisniku/ci @itswillis
If a patch is released in 20 days, but the vendor chooses to offer details in the release notes, customers may not patch. An assumption is being made in that customers deploy all patches and then find out later they aren't vulnerable. I don't think it's the right premise.
16:00 - 7. sij 2020.
0 replies
0 proslijeđenih tweetova
1 korisnik označava da mu se sviđa
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.