OTOH bugs in consumer facing devices WILL have harsh consequences: domestic violence, stalking, ransomware, financial harm, etc.
Revealing vulns, especially when the sw was not previously known to be awful, has major positive effects on security
-
-
OpenSSL was a great example of sw that was assumed to be good until vulns were publicized. Cisco is similar IMO.
-
I think it's safe to say OpenSSL's vuln density is a lot lower now than it was before Heartbleed was public.
-
When sw has major vulns but they remain secret, even if 3rd parties don't rediscover the undisclosed vuln...
-
...the sw stays in widespread use with lots of vulns present, and malicious parties discover & exploit other vulns.