Bug Collusion

Why do multiple independent researchers find the same bug at the same time?

Multiple teams identified Meltdown and Spectre at the same time. How did that happen? A twenty-year-old flaw suddenly becomes “interesting”?

Joseph Steinberg explores this in an article in Inc. and comes to some interesting conclusions. Useful, as he’s been involved in such matters himself.

I’d add that such research leads to either partial revelation or notification under NDA or similar. In turn this moves the final declarations from all teams into the same timeline, resulting eventually in simultaneous publication.

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.
