It seems like security researchers will have an important role to play in pushing for patch quality and variant analysis! Not sure exactly what that looks like yet, but there's quite a few good options for us to try.
-
-
Show this thread
-
If you're a security researcher that has recently had a high impact bug fixed incorrectly, let me know! I'm interested in collecting more examples.
Show this thread
End of conversation
New conversation -
-
-
Is it a must that the reporter know the root cause or is that the job of the engineering team who built it? What about the mitigation?
-
I think it’s more about ease / efficiency at a particular link in the chain. Fan in from people reporting issues to people who can fix them can be huge. The closer reports are to isolating root cause & reproducibility, the easier it is to fix. Time pressure on devs is huge.
End of conversation
New conversation -
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.