WIRED: A Cisco Router Bug Has Massive Global Implications

[coderman]

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, May 14, 2019 5:30 PM, John Young <jya at pipeline.com> wrote:

> What's the security benefit of Red Balloon's
> attacks? Is this not a type of extortion or maybe
> angling for bragging rights, a bribe to keep
> quiet or a buy-out from deep-pocketed targets.
> Hard to distinguish white hats from black and
> gray (also Red Hat), sanctimony from villainy.


welcome to the responsible bug disclosure debate, John!

this is why many choose no-disclosure, or full-disclosure instead...


to wipe blood from hands: build security in, and open source.  every hole opened and atoned for with code.