.@Google STOP using public vuln disclosure to bully people into your arbitrary policy when there is no need - this isn't responsible, it's unethical STOP HURTING US #infosec #Vulnerability cc @k8em0 @hacks4pancakes
@taviso @phillip_misner @jepayneMSFT https://www.theverge.com/2018/2/19/17027138/google-microsoft-edge-security-flaw-disclosure …pic.twitter.com/NyzADaiChe
-
-
-
Replying to @GossiTheDog @Google and
Or, maybe not. How is this ethical? Disclosing a vuln not known to be in the wild while a patch is being developed from one of the most mature security orgs in the world...
@msftsecresponse - forcing a bad patch due to an arbitrary disclosure policy could cost business millions4 replies 0 retweets 2 likes
Replying to @cnoanalysis @GossiTheDog and
Tavis Ormandy Retweeted Tavis Ormandy
Answer this tweet or go away.https://twitter.com/taviso/status/965661603579314176 …
Tavis Ormandy added,
Tavis OrmandyVerified account @taviso
Replying to @cnoanalysis @info_dox and 5 others
Either you are well versed in the disclosure debate, and already know all the arguments so there's no need to explain them to you *or* you have zero clue about disclosure, but you used your very stable genius to solve it live on twitter. Which one is it?
11:29 AM - 19 Feb 2018
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.