zlacker

[parent] [thread] 2 comments
1. lmm+(OP)[view] [source] 2017-02-28 11:01:14
What's true is true - better to know it than stick our heads in the sand. If these boxes have vulnerabilities (who am I kidding, they do parsing, they're probably implemented in C "for performance", of course they have vulnerabilities), we are better off for knowing about them than not.
replies(1): >>Alyssa+vd
2. Alyssa+vd[view] [source] 2017-02-28 13:49:48
>>lmm+(OP)
But what of the equities issue - what to do with that knowledge, once discovered? Might it depend on who "we" are?

My point is that actually helping this particular vendor, for example, may not be everyone's cup of tea.

replies(1): >>jacque+3n
◧◩
3. jacque+3n[view] [source] [discussion] 2017-02-28 15:15:43
>>Alyssa+vd
Yes, good point. One might aim to 'help' them into an early grave whilst actually helping them to strengthen their product.
[go to top]