Unpopular opinion: I’m ok with Americans hacking jihadis’ mobile phones rather than converting those bugs into CVEs.
-
-
yeah exactly
-
So no I don't think someone is likely to burn a 0day on ransomware. However...
-
Reporting and fixing these vulns has multiple effects that benefit users' security.
-
I’m having cognitive dissonance. Please explain how both these two statements are truehttps://twitter.com/RichFelker/status/767555019784724480 …
-
Not understanding which statements you're asking about & whether you find them contradictory or just both doubtful.
-
the one I linked and the one I replied to.
-
I'm working from a model where a given piece of sw has a (imperfectly known, maybe entirely unknown) vuln density.
-
Revealing vulns, especially when the sw was not previously known to be awful, has major positive effects on security
- 4 more replies
New conversation -
-
-
Flash 0 days have been spotted in the wild quite a bit. Perhaps because exploit code is/was so reusable.
-
At least once, Mozilla had time to mark it as insecure in Firefox before a patch was actually available.
-
They haven't been doing that for very long though.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.