@attritionorg well ZDI was re-using it and Google is on their "it is ethical to disclosure ALL YOUR VULNS IMMEDIATELY TO THE VENDOR" trip
-
-
Replying to @attritionorg
@attritionorg Google is on the trip for a while to say that not disclosing (and merely sitting on bugs, not abusing) is unethical.2 replies 0 retweets 2 likes -
Replying to @attritionorg
@attritionorg I see. I do not subscribe to the church that knowning about a vuln makes me ethical obligated to report it.1 reply 1 retweet 1 like -
Replying to @attritionorg
@attritionorg@i0n1c "if YOU know about a bug, you *have* to assume a dozen others do"<<How on earth can we get it into at least 1 textbook?2 replies 3 retweets 3 likes -
Replying to @sergeybratus
@sergeybratus@attritionorg@i0n1c that math doesn't work.1 reply 0 retweets 0 likes -
Replying to @SpireSec
@spiresec@attritionorg@i0n1c Depends on the use case :) Citing a textbook can do wonders in certain arguments :)1 reply 0 retweets 1 like -
Replying to @sergeybratus
@sergeybratus@spiresec@attritionorg solution seems so easy: use 0-day to buy an island and release your own textbooks!2 replies 0 retweets 5 likes
@i0n1c @sergeybratus @spiresec nah, create a 'cut out' and disclose anyway. let the companies that don't care, chase that persona.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.