Again, the thing I don’t get about the hard deadline is: perhaps MS is fixing *other* serious bugs that it has found and which it judges are higher priority? Why do external researchers get to decide MS’s priorities without knowing the whole picture?https://twitter.com/taviso/status/1138469652571467776 …
-
-
I can see the benefits of disclosure, eg if you have something where the company is clearly *refusing* to fix it and it’s very obvious (eg many IoT flaws). I’m certainly not suggesting making it illegal to discuss. That’s a bad idea. It’s about balancing risk from disclosure.
-
That seems very easy to abuse, couldn't I just assign one overworked engineer to solve a problem and you're legally prevented from ever discussing it? Many customers would truly benefit from understanding the risks and flaws in the products they buy.
- 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.