undefined | Better HN

0 pointsdingaling8y ago0 comments

> but it does help me avoid getting compromised

Only by casual hackers. The pros will probably have been exploiting the flaw for weeks or months against gainful targets.

If there is a reasonable end-user workaround against the vulnerability then I'd argue it's more responsible to publish early and widely than to wait for the vendor.

It becomes greyer if there is no workaround. I'm not sure what I'd support in that case.

0 comments

1 comments · 1 top-level

daveFNbuck8y ago

The compromise is that I accidentally type my password into Slack and send it out to everyone in the building. There is no hacker involved in this one, and I can fully protect myself by ensuring that my password is going into the password field.

j / k navigate · click thread line to collapse