Us: Here's a vulnerability. Vendor: It's not a vulnerability. Us: Are you sure? Vendor: It's not a vulnerability. Us: <publish blog> Vendor: Please take down the blog of the vulnerability.

7:11 AM · Jun 17, 2021

21
103
7
776
GIF
Replying to @cybergibbons
Security by denial
2
0
0
15
Ah the Ostrich-Paradigm
1
0
0
8
GIF
Replying to @cybergibbons
Was it a hidden feature?
2
0
0
8
An easter egg
0
0
0
6
Replying to @cybergibbons
It's not a vulnerability, it's just a different way to administer the system.
3
2
0
37
I had another exchange last year: Me: There's a hardcoded backdoor account. Them: It's a break-glass support account. Me: That really depends on who is using it. Them: You are arguing semantics.
7
5
2
71
Replying to @cybergibbons
It is patented know-how, trade secret :-D
0
0
0
0
Replying to @cybergibbons
0
0
0
0
GIF
Replying to @cybergibbons
😂
0
0
0
1
Replying to @cybergibbons
This is a lot like Management Consultancy, whereby some CxO says something isn't a problem. So you write your findings up in a report, and then they get arsey that you've outlined what you (and most of their staff) have already told them, just in a written/formal manner.
1
0
0
5
Heard on radio. "We are currently conducting research, which will prove that our points are valid. ".
0
0
0
0