I can look to the offensive tooling I& #39;ve released in the past and

1) see the irreparable and lasting harm it facilitated (I have seen it first hand)
2) see the tangible good it indirectly played a part in in improving some aspects of security in the long run.

1/5
I can& #39;t separate/absolve myself from both the harm and the benefit. Many offensive tool releases were notably more responsible than others in terms of vendor outreach and offerings of actionable detection/mitigation guidance.

2/5
IMO, there is no objective "right" way to release (or abstain from releasing) offensive tooling but if the choice is to release it, there is always a _better_ way to do it ("better" being subjective). One& #39;s ethical framework or lack thereof will dictate what& #39;s right/better.

3/5
Just don& #39;t be conveniently blind to the fact that your tooling will facilitate (note: I am deliberately not saying "cause") actual harm.

We can all hold ourselves individually more accountable. I& #39;m game to have this chat. Let& #39;s not downplay/reduce this thread to "drama" https://abs.twimg.com/emoji/v2/... draggable="false" alt="❤️" title="Rotes Herz" aria-label="Emoji: Rotes Herz">

4/5
Now that you& #39;ve read all this, rest for a moment and pay attention to your body. Do you feel any tightness anywhere? Heart-rate? I& #39;m asking this in a genuine sense. Listen to what your body is telling you and consider reflecting on your body& #39;s reactivity prior to responding.

5/5
You can follow @mattifestation.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: