Comment by nbardy
1 day ago
There is step changes that actually merit this though. And a zero day machine IS one of those. It went from 4% zero day success rate to 85% on firefox.
Can you not see the significance of that?
1 day ago
There is step changes that actually merit this though. And a zero day machine IS one of those. It went from 4% zero day success rate to 85% on firefox.
Can you not see the significance of that?
I mean I work in this world and overhype is constant.
Additionally those numbers are somewhat meaningless without more context.
Can you explain why they are meaningless without more context?
A 0 day is just a vulnerability that wasn’t known before now.
What’s the criticality of these? Are they realistically exploitable? En mass? Through a complex and highly contextual set of actions? What’s the impact? Etc etc etc.
Yes those numbers are a big change but they’re also not spelling doom for us in the security world until we actually know what they mean.
The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun. But nothing I’m seeing here is as world ending as the presser implies.