| ▲ | zahlman 4 days ago | |
> Do you have some other way of _reliably_ identifying vulnerabilities? This is irrelevant given that we are talking about known vulnerabilities. No, you can't reliably find all the vulnerabilities by auditing the code. Yes, if you audit the code and believe you have found a vulnerability, you fairly reliably are correct in your belief. And should probably take action even if you aren't. | ||
| ▲ | themafia 4 days ago | parent [-] | |
> we are talking about known vulnerabilities. In a context which does not involve them. I simply ignored the subtle goalpost shift and addressed the core issue of the article. > And should probably take action even if you aren't. Where they action could include "disabling as a default option." Yes? | ||