Comment by IggleSniggle
4 years ago
It may sound like I’m being snarky, but I’m not:
Aren’t users / social engineering make up the actual majority of real-world vulnerabilities, and pose the most prevalent extant threat in the entire software ecosystem?
Yes, but I think that within the context of discussing a memory safety vulnerability in a text messaging app it's reasonable to talk about memory safe parsers, no?
Beyond that, I've already addressed phishing at our company, it just didn't seem worth pointing out.
A fair point, but that's not really a problem with the technology. (And I did hedge with "probably" :-)