Are embargoes on (open source) security bugs needed? Only in the most extreme cases, @kurtseifried argues https://securityblog.redhat.com/2015/06/10/the-hidden-costs-of-embargoes/ …
@dakami @virusbtn @kurtseifried single vendor issues != multi-vendor or 'library' issues, at all
-
-
@attritionorg@virusbtn@kurtseifried in open source nothing is single vendor as per distros (outside of cms) -
@dakami@virusbtn@kurtseifried big difference between product + linux vendors -vs- protocol / huge library (e.g. openssl). can't compare -
@attritionorg@virusbtn@kurtseifried decisions aren't free -
@dakami@virusbtn@kurtseifried wrong. decisions are free. the resulting fallout is where the costs add up. -
@attritionorg@virusbtn@kurtseifried decision fatigue is well documented. -
@dakami@virusbtn@kurtseifried could also reply with "Compassion fatigue" is very different, and very telling. read between the lines. -
@attritionorg@virusbtn@kurtseifried decision and compassion fatigue, two halves, same coin. Absolute policy as exhausting as debates. -
@dakami@virusbtn@kurtseifried same coin, but "heads vs chinchillas" if you want to try to force that analogy. mentally, different. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.