I have no idea what point you're even trying to make here. Are you suggesting defenders need publicly available exploits to defend?
-
-
Replying to @fugueish
Ok, good. Just thought I'd check because your argument has literally nothing to do with any of the points made in the quoted thread, and I'm starting to get a contact high from reading your tweets and trying to figure out how you got here.
0 replies 0 retweets 2 likes -
Replying to @fugueish
Did you read the thread, like at all? I get the feeling you read the first tweet and called it a day.
1 reply 0 retweets 0 likes -
Replying to @MalwareTechBlog @fugueish
like, the entire thread discusses that exact point from that exact perspective. Coupled with the fact you tried to explain to me earlier that people reverse patches (that is literally what I do), i can only assume you did not read the thread.
1 reply 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
You misunderstood, nobody is trying to techsplain bindiff to you, the point is that these services are commercially available. It's misleading to say this capability is out of the reach of attackers, because analysis and exploits are available as COTS products.
2 replies 0 retweets 9 likes
That being said, the numbers we deal with in targeted attacks are much lower than those you see in opportunistic attacks. We find that number of affected users is not a good metric for severity of targeted attacks - it works okay for opportunistic attacks though.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.