I think this probably isn’t the high end of what one could do if one were big bountying seriously like it were a business, but I suppose that that asymptotically approaches running a security consultancy and may be dominated by doing so. Also, software people: charge more. https://twitter.com/nnwakelam/status/1139640401596305408 …
Can see why you'd disagree. It would make sense if Google could track better, though IME bigger orgs have more pieces, thus harder to track. Biggest reason not to think Google has this 100% right: stuff like the infamous "unencrypted passwords in random logfile" issue.
It's not "they should do better." It's "as people who can add new stuff multiply, ability to track stuff fails to keep up." Can avoid with 100% required internal infrastructure with guaranteed no workarounds, which is normally equivalent to "with faerie dust and unicorns."