Nobody argues "every man for himself" lol! We argue for autonomy and empowering users. You're not a doctor, but I assume you want autonomy in choosing your treatment options, right? Why let your vendor choose what's best, and why trust them to have your best interests at heart?
Cool, so if nobody knows about the vulnerability, then why fix it? If someone reported it, then clearly people are capable of finding it and exploiting it.
-
-
You know I don't believe that. But there's a difference between theory and practice - and in practice I've seen many bugs get discovered, reported, and fixed, without others discovering them and mis-using them. Then the info is released.
-
You don't know that at all, and that's the problem. How could you possibly know if an attacker is exploiting a vulnerability? If you had a way to prove that a vulnerability is only known to you, then great - disclosure is not necessary, why even report it to the vendor?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.