Comment by DannyBee
8 years ago
What he's insinuating is that they agreed to embargos and then repeatedly broke them, claiming it was "better for users".
Regardless of whether it is, you should expect the result of that to be that nobody trusts them with embargoes.
Which is in fact, what has happened.
The KRACK embargo expired as per agreement but I'll partially concede after reading about this OpenSSL accident: https://www.tedunangst.com/flak/post/regarding-embargoes
Google broke an embargo early. https://security.googleblog.com/2018/01/todays-cpu-vulnerabi...
EFail embargo was broken. See https://twitter.com/seecurity/status/995964977461776385 and http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.h...
I don't think picking on OpenBSD is the right thing here.