Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @itswillis
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @itswillis
-
At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes): https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
... TAG *only* saw iOS exploitation on these sites when TAG found them back in Jan 2019 (and yes, they looked for everything else as well). That said, anyone out there with full chain 0day in-the-wild from Android / Windows, feel free to reach out and we'd love to take a look!
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Contrary to some commentary, Project Zero's long form blogs are based on deep technical research into 0-days and novel exploitation, not a commentary on target populations or the wider threat space. Specifically though in this case (and as a one-off), I can tell you that...
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
3. The unglamorous but important work of code testing and review. Uncaught software development errors can have a huge impact on device security. Shout outs to all the testing/review/QA peeps out there - hopefully you can use these posts for more funding for your future work!
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
2. The high rate of vulnerability discovery collisions between our team and real world attackers. Pressuring vendors to patch quickly, as well as vendors working hard to encourage quick patch adoption, is stopping demonstrated end-user harm.
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Having spent most of this week editing
@i41nbeer 184-page “blogbook”, I’d like to highlight three things so they don’t get missed: 1.@5aelo's JSC exploit piece (https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html …) on patch gapping and n-day bugs being used as an easy way to score 0-day like capabilitiesShow this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Poll: Should all governments be required to produce high quality cybersecurity dance/music videos to support their national programs? e.g. https://www.youtube.com/watch?v=LZqhJsyIG0s … from the Republic of Korea's
@kisa118 (h/t@maartenvhb)Thanks. Twitter will use this to make your timeline better. UndoUndo -
Good times and looking forward to it! The die is cast on the twitter front - no turning back now. Honourable mentions to
@zerointerupt and@laparisa for their previous attempts to goad me into twitter action.https://twitter.com/benhawkes/status/1101549969876480000 …Thanks. Twitter will use this to make your timeline better. UndoUndo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.