|
|
|
|
|
|
by psifertex
40 days ago
|
|
|
It's not abhorrent. It's quite common and the correct thing to do here. Them not disclosing doesn't make you safer. The people that want to abuse this could be actively exploiting it shortly after the commit went live. Waiting more time before the blog / marketing release is NOT the help you think it will be. This is a very, very, old debate in the security community, just read the rest of this thread and you'll see plenty of explanation as to why. |
|
|