In principle, 100% agree. In practice: Worst openssl bug ever: not heartbleed Best known openssl bug ever: heartbleed Bug that finally got openssl maintenance money: heartbleed First openssl bug with logo: heartbleedhttps://twitter.com/matalaz/status/973633088248008704 …
-
-
RCEs are definitely theoretically a higher privilege attack, but it usually takes a few days at least for the mass-exploits to hit, giving folks time to upgrade. Plus there's a repository of techniques to confound them.
-
Anecdata: I can still remember the 48-hours around Heartbleed in incredible detail. Slammer is the only other vuln I can remember like that.
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.