who benefits when researchers publicly post information about vulnerabilities in an attacker's infrastructure or tools?
a typical argument defending this practice can be boiled down to the following: "I'm sharing information with other defenders that may not be aware of how to defend against this actor or tool"
this argument overlooks the fact that posting this information publicly also helps the adversary. Attackers will likely patch vulns in their tools/infra and/or refine their tradecraft to limit mistakes. to quote my colleague @bkmsft: "the adversary also has ears"
when the adversary improves, defenders lose.
sharing information with other defenders is vitally important, but we, as a community, have a responsibility to do this in a way that doesn't benefit the adversary.
If Twitter had been around during World War II, do you think Alan Turing would have been posting about techniques to crack the Enigma?
You can follow @moranned.