Hard to see the logic in rewarding vendors for patching bugs quickly by publishing them quicker.
-
-
-
Bugs are patched for users, not vendors. So as soon as a patch is available, they should know about it.
- 7 more replies
New conversation -
-
-
Yes, most of the security industry is vendors. Do you think we should design policies to favour them, or users? Its rude to start a disclosure debate, what did you expect? Don't bring up politics at the dinner table of you don't like it.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
What difference does it make for cloud software? Patch adoption there is effectively perfect, so doesn't seem like an issue, perhaps I'm missing the point.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
"I'm not much for arguing opinions on Twitter, but here is an incendiary pro-vendor disclosure take
@taviso send tweet"
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
You're surprised to learn disclosure is a controversial topic?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
You can investigate as much as you like, don't see how this changes anything. I don't see how it benefits users to allow you to consider if you have regulatory obligations in private?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Is Tavis going to talk at INFILTRATE? [y/n] <---today's high school note passing. :)
-
Haha, I'll think about it

- 3 more replies
New conversation -
-
-
Where have you been for the last 20+ years?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
