You can use any metrics you want, but how long you leave your users vulnerable seems like an important one.
-
-
Replying to @taviso @berendjanwever
Also whether I add performance impact, incompatibility, force a downtime, leave them stranded on an older version, etc. And I can compromise easily on all of that to have a superfast turn out where the customers picks most of the slack. Is that what you want vendors to do?
1 reply 0 retweets 0 likes -
Replying to @lazytyped @berendjanwever
Firstly, with enough resources you don't have to compromise, agreed? How will you get those resources? Secondly, I want customers to tell you what balance they want, not for you to decide for them.
1 reply 0 retweets 0 likes -
Replying to @taviso @berendjanwever
You really think customers don't talk about patching all the time? It's like #1 topic with performance. At every meeting. Because it's painful and we work hard to make it better and security is just a fraction of it
1 reply 0 retweets 0 likes -
Replying to @lazytyped @berendjanwever
I think they don't tell you which vulnerabilities they want you to prioritise, and how fast they expect you to respond - because they don't know what vulnerabilities you're sitting on privately.
1 reply 0 retweets 0 likes -
Replying to @taviso @berendjanwever
Because nobody ever cares about a single vulnerability in a multi year large contract. Conversations are a bit more mature than that, thankfully.
2 replies 0 retweets 0 likes -
Replying to @lazytyped @berendjanwever
How lucky customers are that you know what's best for them.
1 reply 0 retweets 0 likes -
Replying to @taviso @berendjanwever
So naive :) #1 reason people pays for something is to not have to bother with it and let a professional handle it. At least that's what I do when I go to a restaurant or buy a car or have my flat renovated. That doesn't mean they shouldn't have the information, before you accuse
1 reply 0 retweets 0 likes -
Replying to @lazytyped @berendjanwever
That's certainly true of some people, but it's not true of all people. A diabetic has very specific dietary requirements for example, and would not want the waiter to choose for them.
1 reply 0 retweets 0 likes -
Replying to @taviso @berendjanwever
For anything you can find a special case. There will always be one specific customer which would be better off with one specific knob, but knob explosion is one of the worst thing you can do to a product.
1 reply 0 retweets 0 likes
That's you're opinion, but the diabetic probably disagrees. You know some people disable spectre mitigations because perf is more important? Everyone's different.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.