Conversation

Notices

1. Embed this notice
   Manuel 'HonkHase' Atug (honkhase@chaos.social)'s status on Sunday, 22-Sep-2024 04:58:56 JST Manuel 'HonkHase' Atug

   in reply to

   "calling security holes "software vulnerabilities" is too lenient, she added. This phrase "really diffuses responsibility. We should call them 'product defects,'" Easterly said. And instead of automatically blaming victims for failing to patch their products quickly enough, "why don't we ask: Why does software require so many urgent patches? The truth is: We need to demand more of technology vendors."

   • Embed this notice
     Manuel 'HonkHase' Atug (honkhase@chaos.social)'s status on Sunday, 22-Sep-2024 04:58:57 JST Manuel 'HonkHase' Atug

     CISA boss: Makers of insecure software are the real cyber villains

     "Write better code, urges Jen Easterly. And while you're at it, give crime gangs horrible names like 'Evil Ferret'"

     "Software developers who ship buggy, insecure code are the true baddies in the cyber crime story, Jen Easterly, boss of the US government's Cybersecurity and Infrastructure Security Agency, has argued."

     "Even..."
     https://www.theregister.com/2024/09/20/cisa_sloppy_vendors_cybercrime_villains

     GreenSkyOverMe (Monika) repeated this.