Conversation

Notices

1. Embed this notice
   feld (feld@friedcheese.us)'s status on Saturday, 28-Sep-2024 04:29:46 JST feld

   • Bredroll
   • Will Dormann
   @Bredroll @wdormann No but he was the one exaggerating it to the vendors and announcing that everyone was vulnerable
   • Embed this notice
     feld (feld@friedcheese.us)'s status on Saturday, 28-Sep-2024 04:36:08 JST feld

     in reply to

     • Bredroll
     • Will Dormann
     @wdormann @Bredroll Based on his bemoaning on Twitter that Cloudflare, Amazon, etc rejected him for a job it feels like he was trying to get fame
   • Embed this notice
     Will Dormann (wdormann@infosec.exchange)'s status on Saturday, 28-Sep-2024 04:36:09 JST Will Dormann

     in reply to

     • Bredroll

     @feld @Bredroll
     He allegedly got the 9.9 from somebody at Red Hat.
     However, despite being the one who was intimately familiar with the vulnerabilities, he didn't bother to check the scoring himself. (It's not terribly tricky)
     https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

     Instead, he chose to amplify the wrong information and kick start the rumor mill process. Because more fame is better than less fame, apparently. 🤦♂️