if you can't sell your vulnerabilities to governments, aren't there fewer people looking for them now? so the bugs still aren't getting fixed.
-
-
you're assuming the bad guys wouldn't have found the vulnerabilities anyway, and you're assuming that the good guys know about *all* 0day.
-
I don't follow sorry, I don't see how I'm assuming that.
- 2 more replies
New conversation -
-
-
overall: i really don't see how governments not making use of 0day would impact this in any way. the choices here are 1. 0days are being used by good+bad, both carrying an implicit risk of detection which has good+bad outcomes (i speculate good here > bad). 2. same, but -good
-
You're missing that governments create the incentive to make 0day by plowing millions of dollars into the market. If that dries up, the balance of resources shifts to those us trying to fix bugs.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.