i think that, and then i recall that article about some government officials being hit by a capability that the government themselves had bought
-
-
Replying to @saleemrash1d @CiPHPerCoder and
So much the better. Those are education cases. They’ll ultimately inform policy and proper risk-balancing. They’ll solidify a risk-reward model for vulnerability banking.
2 replies 0 retweets 0 likes -
Replying to @mdhardeman @CiPHPerCoder and
well, maybe, but they'll probably just remember to sign exclusive contracts with their broker next time
2 replies 0 retweets 0 likes -
Replying to @saleemrash1d @mdhardeman and
You agree that two people can find a vulnerability, right? I keep getting the impression that you believe you can control who has access to an exploit, but that isn't the case.
2 replies 0 retweets 1 like -
Replying to @taviso @mdhardeman and
i don't believe i've said, or even implied, that i think that
1 reply 0 retweets 3 likes -
Replying to @saleemrash1d @taviso and
Saleem Rashid Retweeted Saleem Rashid
this is merely to say that they won't learn the lesson they should learn from ithttps://twitter.com/saleemrash1d/status/1206313532737949697 …
Saleem Rashid added,
1 reply 0 retweets 1 like -
Replying to @saleemrash1d @mdhardeman and
You're right, I confused something you said with something
@rmhrisk said. My mistake.2 replies 0 retweets 1 like -
Replying to @taviso @saleemrash1d and
I don’t believe I’ve said anything that suggests only one person can find a vulnerability. I see vulnerabilities like natural law, a thing that will exist no matter what, and that good guys in the name of stoping the bad, and bad guys in the name of profit, will always find.
1 reply 0 retweets 2 likes -
Replying to @rmhrisk @saleemrash1d and
We can make software safer by fixing vulnerabilities, agreed? This is why it's useful to get the gov to stop hoarding them, we can literally take exploits away from people we disapprove of. I get the impression you think reducing western 0day leaves others alone, that's not true.
2 replies 0 retweets 0 likes -
Replying to @taviso @saleemrash1d and
Yes, fixing vulnerabilities makes software safer. Yes, it would be great if governments and bad guys did not hoard vulnerabilities. Where you and I seem to differ is you seem to believe that there is a way to get those actors not to hoard vulnerabilities ...
2 replies 0 retweets 1 like
Well, they're supposed to be doing that already, right?
-
-
Replying to @taviso @saleemrash1d and
Yes, bad guys and good guys currently hoard vulnerabilities.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.