Awesome work, and I really like that they provide general insights to go along with the attack research results.https://twitter.com/dwizzzleMSFT/status/920637599449939968 …
-
Show this thread
-
For example, Project Zero has talked at length with Chrome, Android, and Apple about source code/binary patch gaps in the past.
1 reply 2 retweets 5 likesShow this thread -
We told them that attackers are incentivized to watch for patches in a way that defenders aren't, and they accepted the risk.
1 reply 2 retweets 5 likesShow this thread -
The vendors have reasonable positions for why they do this, but having other researchers raise this helps to balance perspectives.
1 reply 2 retweets 7 likesShow this thread -
MS OSR will get the same "marketing attack" critiques that we get, but it just isn't true. They're just trying to improve security.
1 reply 3 retweets 16 likesShow this thread
So I couldn't be more excited about this type of research publication, and I hope we get to see more of them. Good job Jordan!
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.