Fi 🏳️⚧️RE: https://infosec.exchange/@munin/116377572131443912
This rule continues to outperform alternatives.
for example: "zomg ai found cvss 10!!!!"
meh.
"and now all kinds of embedded devices are going to be vulnerable and need updating"
ok now you have my attention
"because the wolfssl people did a really basic fuckup back in '17 and nobody audited the code for this functionality since"
ok so now we have an -actual problem- to discuss around corporations exploiting open-source projects and failing to provide appropriate support for the personnel who develop and maintain the library.
the exciting part is the least impactful one; the actual problem to be solved is the grinding fucking tedium of trying to figure out how to get those fucking rent-seeking extractive assholes to fucking kick back a few fucking dollars so that there's actual resources to fucking maintain open source infrastructure, -A FUCKING GAIN-
Epic Null