there's also an argument to be made that for each time anyone uses an 0day, the risk of 0day being caught ITW increases.
No, because it makes no difference to those of us trying to fix bugs what the 0day market looks like. So if bad guys are looking less because they have less incentives, that gives us an advantage.
-
-
as in sure, there's less incentives market, bugs aren't used as much overall, but you're only really changing the rate at which "the good guys" use 0day, making 0day overall cheaper for "the bad guys"
-
you argue that this is still good anyway because it buys "people who kill bugs" time, but is that really good for the hypothetical innocent person who now is half as expensive to pwn?
- 71 more replies
New conversation -
-
-
isn't giving more time to people who fix bugs out of the goodness of their heart (or goog salary, I guess?) at the cost of less overall bugs being killed at all worse for the innocent 3rd party?
-
I don't follow this argument, it really seems like a convenient rationalization
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.