A 0day policy would have even more effect on vendors, yet harm users. At any point in time, it's not just the effect on vendors but also the end effect on users that matters, if security is the end goal.
Then what is it you want? More information available to users, but delayed until it is no longer useful?
-
-
What I want is more effort in building infrastructure than in finding bugs. And more attention on why they happen rather than just ship out patches leaving all the burden of adoption to users.
-
Cool, and the best way to get that is to give users less information about vulnerabilities that affect them?
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
