Thread: When you’ve spent more time arguing with the vuln finder about making it their job to find out whether or not your OS is affected, than actually going to check if it’s affected on your own and making a patch if so.https://twitter.com/encthenet/status/1082784359118061568 …
-
-
Replying to @aionescu
No, that's not at all what I was asking. That's what he kept saying. I was saying that he should inform vendors so that they can do proper risk assessment and research to find out if they are vulnerable. And he kept saying it was his job to decide that.
3 replies 0 retweets 4 likes
Replying to @encthenet @aionescu
I'm sorry that some projects/vendors feel left out. Researchers often need to make a huge number of trade-offs to arrive at the optimal outcome for user security, and some of the problems discussed here are deceivingly complex. Generally though: we're trying to do the best we can
7:52 PM - 8 Jan 2019
0 replies
0 retweets
4 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.