Vulnerability disclosure debate: "we need more data" is only partially correct in my view. Modeling is where we're failing.
-
-
Replying to @benhawkes
There are unknowns involved in vulnerability disclosure: we have an adversary, and it's their job to deprive us of data.
2 replies 9 retweets 6 likes -
Replying to @benhawkes
If it were as simple as looking at the available data and choosing the best process, we wouldn't still be debating this 25 years later.
1 reply 4 retweets 0 likes -
Replying to @benhawkes
We should be debating whose model is the most accurate reflection of the real world, and which process is optimal within that model.
2 replies 1 retweet 2 likes -
Replying to @benhawkes
State your assumptions. State your goals. State your expectations. Then start the debate.
2 replies 6 retweets 3 likes -
Replying to @benhawkes
@benhawkes would love to challenge some of your views on this, but sadly that cant happen on twitter, only over beer and f2f.1 reply 0 retweets 0 likes
@PublicLaplinker Feel free to email me as well, I don't go to many conferences/events - DM and I'll pass on my details.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.