
Bug Collusion

Why do multiple independent researchers find the same bug at the same time?

Multiple teams identified Meltdown and Spectre at the same time. How did that happen? A twenty-year-old flaw suddenly becomes “interesting”?

Joseph Steinberg explores this in an article in Inc. and comes to some interesting conclusions. Useful, as he’s been involved in such matters himself.

I’d add that such research leads to either partial revelation or notification under NDA or similar. In turn this moves the final declarations from all teams into the same timeline, resulting eventually in simultaneous publication.

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.

January 2018