2017.04.10 01:01:15 (851208414499917824) from Daniel J. Bernstein, replying to "Tavis Ormandy (@taviso)" (851108962174775296):
Somewhat harder exploits => less frequent news about exploits => less panic => less funding for _real_ solutions. Not clear this is a win.
2017.04.09 17:37:53 (851096837327028226) from "Dino A. Dai Zovi (@dinodaizovi)", replying to "Dino A. Dai Zovi (@dinodaizovi)" (851095322273218565):
I absolutely love fun bugs intellectually, but I also rationally know what will be more effective for defense than indulging my obsession.
2017.04.09 17:56:07 (851101426608517121) from "Justin is sad at Twіtter's collapse (@justinschuh)" = "Justin Schuh 🌐 Twіtter CISO (@justinschuh)":
This is the intellectual balancing act of defense. The key requisite skills also tend to pull you in less immediately useful directions. https://twitter.com/dinodaizovi/status/851096837327028226
2017.04.09 18:24:47 (851108639129481216) from "Tavis Ormandy (@taviso)", replying to "Justin is sad at Twіtter's collapse (@justinschuh)" = "Justin Schuh 🌐 Twіtter CISO (@justinschuh)" (851101426608517121):
If we ignore exploitation, then 0day would still be dime a dozen like they were in 1995. Today they're expensive, and getting more expensve.
2017.04.09 18:26:04 (851108962174775296) from "Tavis Ormandy (@taviso)", replying to "Tavis Ormandy (@taviso)" (851108639129481216):
Today 0day are out of the reach of many unsavory people, that's a huge win.