Alex loves repeating this, but there are two problems with his observation. 1/ The reality is that the distribution of effort lines up *really* closely with his pyramid. The volume of discussion doesn't reflect that, because phishing isn't news. https://twitter.com/Kym_Possible/status/1187414505287864321 …
-
This Tweet is unavailable.Show this thread
-
2/ Measuring impact by directly affected users is naive. Commercial exploits are used in surgical strikes against specific targets. Influencing an election, stealing financial results, etc. can impact *one* user directly, but *indirectly* many.
2 replies 11 retweets 88 likesShow this thread -
We *can* work on more than one problem simultaneously, we don't have to drop everything and work on problems one at a time (I think this is a form of relative privation). Clearly, exploits cause real harm to real people, and we *should* be working on them.
5 replies 6 retweets 76 likesShow this thread -
Replying to @taviso
I've heard his talk a few times and it hasn't come off to me like we should drop worrying about 0-days in exchange for worrying about run of the mill attacks, so I'd say we're all in agreement with you. The concern is that naiive security orgs ignore their most real/likely threat
2 replies 0 retweets 3 likes -
@ucsenoi has it right -@alexstamos wasn’t saying to work on only one thing at a time...1 reply 0 retweets 0 likes -
I disagree, my take was he thinks the distribution of effort doesn't reflect the number affected users. I think he's wrong, there are tens (hundreds?) of thousands working on malware and abuse, and tens working on side-channel research?
1 reply 0 retweets 0 likes
Those numbers seem about right to me.
-
-
I’ll need to watch the talk again, but I believe that he was referring to research and public awareness, rather than raw headcount allocated to the efforts, thereby leading to skewed perceptions of what newcomers need to focus on.
0 replies 0 retweets 1 like - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.