incentives
On Vulnerability-Adjacent Vulnerabilities
At the virtual Enigma Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have ...
Programmers Who Don’t Understand Security Are Poor at Security
A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good ...