It just happens that we have a real life example of epidemiologists and a large, vulnerable population to point to right now - and what people are doing is mostly accepting "There's a big risk here, wash your hands and stay inside" as the totality of what they need to know.
The reason users need this information is because it gives vendors an economic incentive to address the vulnerabilities users care about. That is not "every user for themselves", anymore than democracy is every citizen for themselves?
-
-
CVD assumes that a disclosure will occur but allows for a delay for the vendor to fix things. The economic incentive still exists under CVD as long as you don't allow unlimited timelines for fixes. And I have no problem zero daying vendors who won't fix.
-
You're worried about what happens during the delay, when there's no patch available. It's that period of time that seems to me like "every user for themselves" is at least somewhat accurate, If not the politest way to phrase it.
- 4 more replies
New conversation -
-
-
You're not wrong, You're just optimizing for yet another different outcome. ;)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.