by deng
50 days ago
> It was extremely irresponsible to share the exploit with the world before the distributions shipped the fix. Yes, this was clearly a marketing stunt to promote Xint code. I, for one, will never use Xint code and will advise everyone to never use it. To anyone working there: enjoy your 15 minutes, I hope this backfires right in your face.

External security research happens for one of only a few reasons typically:

1) hobbyists who are learning or just like to do it for fun
2) bug bounties (good luck with those in most open source)
3) marketing for security companies
4) non-public research going to CNO/CNE

If you want to kill 3, the output of 1 will not come close to 4 and the public is NOT better off with fewer public bugs.