|
|
|
|
|
|
by j1elo
7 days ago
|
|
|
Well this is nothing but an obvious expectation given the technical level required for doing good quality contributions, no? I felt this is kinda like there being a large number of people willing to send spam email, but a comparatively minuscule number of people willing to work on ML filters to block it. |
|
|
In most cases researchers have no interest in actually "making the software better" and publishing vulns is just a way to increase their cred to land a better job.
FFMPEG's position as a well know very popular open source project means it's very interesting for this type of researcher to find a vuln and put their name on it.
It's an exhausting dynamic.