← Back to context

Comment by awesome_dude

18 hours ago

You have moved from "We know" to "We have an educated guess" which is the right way to couch things.

However I wanted to also point out that relying only on educated guesses can lead us into a position where we are "papering over the cracks" or "addressing the symptoms", not the "underlying cause"

Yes, sometimes that's all that can be done, but, also, sometimes it can be more damaging than the cause itself (thinking in terms of the cause continuing to fester away, whilst we think it's 'solved')

3 comments

awesome_dude

Reply
ragall  17 hours ago

> You have moved from "We know" to "We have an educated guess"

No. You kept blabbering about "science" when most uses of knowledge are not about science. The original topic was also definitely not "science": it was about having a reasonable opinion about whether, empirically, the rate of discovery of vulnerabilities is increasing or not.

  • awesome_dude  16 hours ago

    Trying to reframe this as 'not science' after being caught on a logical fallacy doesn't change the record. You started with a definitive claim ('We know') to shut down a question. When challenged on the lack of causation, you pivoted to 'educated guesses.'

    My point remains: if we misattribute the cause of the rising vulnerability rate (discovery vs. creation), our 'educated guesses' will lead to solutions that address the symptoms while the underlying problem continues to fester. Calling precision 'blabbering' is exactly how we end up with the 'false sense of security' mentioned earlier.

    Exhibit A:

    ragall 2 hours ago | root | parent | prev | next [–]

    > How do you know?

    We know because we could see the effects of the average rate of vulnerabilities discovery and exploitation, and it's definitely going up very fast. Until recently, vulnerabilities were relatively hard to find, and finding them was done by a very restricted group of people world-wide, which made them quite valuable. Not any more.

    Exhibit B:

    ragall 2 hours ago | root | parent | next [–]

    Very often you only have limited time for investigation and you have to act now. Action is almost always based on educated guesses. reply