well, we all know these gimmicks are not about protecting users, or a realistic mitigation would have been provided.
Of the practical options available to researchers, I think deadlines give the best outcomes for user security.
-
-
deadlines are ok. Impossible deadlines are not. Dropping details of a 0-day w/o realistic mitigation is not.
-
you could simply have announced that a vuln existed in w32k w/o giving details. Would have been a lot less dangerous
- 11 more replies
New conversation -
-
-
I agree it helps, but more ThreatIntel sharing helps more (for users) https://twitter.com/haifeili/status/793156324590620674 ….
-
there are many non public channels to pass details without putting them in wrong hands
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.