I still think that a) the decision to call CVE-2014-0160 HeartBleed and then b) a $100 design contest logo were probably two of the best decisions made in the history of computer security, probably generating minimally hundreds of millions of dollars of savings to users.https://twitter.com/tqbf/status/1126259809370746880 …
-
Show this thread
-
I'm truly agnostic on whether IRIDIUMOSTRITCH is a better name than HeartBleed; it's clear that either of them are far, far better than CVE-2016-0140.
2 replies 1 retweet 34 likesShow this thread -
Replying to @patio11
The second & third order effects of it consumed (conservatively) months of my life and I still can't remember the goddamn CVE number
1 reply 0 retweets 2 likes -
Replying to @kevinriggle @patio11
I unironically mark Heartbleed as the moment that the software industry woke up and got serious about software security, and it's all down to somebody applying I guess $100 bucks worth of marketing sense to a vuln for once
2 replies 0 retweets 4 likes -
Replying to @kevinriggle
I don't know if I'd go that far (the trusted computing memo and Google's response to Operation Aurora [0] are both pretty seminal), but it's definitely worth a chapter. [0] The Chinese intelligence apparatus understands the need to brand things better than Google does.
2 replies 0 retweets 2 likes
Operation Aurora, for those who haven't heard it by that name, is when China owned Google up; Google's response was approximately "We will pay ANY PRICE for that to not happen again. The budget for securing our products is infinity dollars. Do. You. Hear. Me."
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.