There are no CVE IDs for Superfish because vulns in adware/malware/PUP are outside of CVE's scope & addressed by A/V processes
-
-
Replying to @SushiDude
@SushiDude So who defines the adware/malware/etc? Do you guys have a list? Some of it is "legal" or "legitimate" nowadays.1 reply 0 retweets 0 likes -
Replying to @kurtseifried
.
@kurtseifried A/V industry doesn't have absolute definitions after decades; boundaries too complex, dynamic, & murky2 replies 0 retweets 0 likes -
Replying to @SushiDude
@SushiDude@kurtseifried So the judgment of whether installing software was a wise decision dictates whether or not the software has a vul?1 reply 0 retweets 0 likes -
Replying to @4Dgifts
.
@4Dgifts@wdormann@kurtseifried in this case point is moot since Komodia lib was just given two CVEs. Discussion more complex than 1402 replies 0 retweets 0 likes -
Replying to @SushiDude
@SushiDude@4Dgifts@kurtseifried You know that "more complex than 140" isn't an out for avoiding discussion. /me remembers time before 140.1 reply 0 retweets 0 likes -
Replying to @wdormann
.
@wdormann@4Dgifts@kurtseifried fair enough but in 140 it can be hard to figure out who is disgreeing w/whom about what1 reply 0 retweets 0 likes -
Replying to @SushiDude
@SushiDude@4Dgifts@kurtseifried I'm not sure which annoys me more. The state of software security these days, or Twitter itself.1 reply 0 retweets 0 likes -
Replying to @wdormann
.
@wdormann@4Dgifts@kurtseifried need a better forum than Twitter for hardcore CVE geeks w/opinions to debate w/o annoying everyone else2 replies 0 retweets 0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.