undefined | Better HN

0 pointsbawolff1y ago0 comments

> As a result, we’re continually seeing negative externalities from these disclosures in the form of active exploitation.

That assumes that without these disclosures we wouldn't see active exploits. I'm not sure i agree with that. I think bad actors are perfectly capable of finding exploits by themselves. I suspect the total number of active exploits (and especially targeted exploits) would be much higher without these disclosures.

0 comments

ericpauley1y ago

Both can be true. It’s intellectually lazy to throw up our hands and say attacks would happen anyway instead of doing our best to mitigate harms.

j / k navigate · click thread line to collapse

0 pointsbawolff1y ago0 comments

> As a result, we’re continually seeing negative externalities from these disclosures in the form of active exploitation.

0 comments

ericpauley1y ago

Both can be true. It’s intellectually lazy to throw up our hands and say attacks would happen anyway instead of doing our best to mitigate harms.

j / k navigate · click thread line to collapse