Comment by wg0
1 hour ago
If everybody starts to delay for 3 days, wouldn't it be the case that everyone would discover it on the 3rd day?
1 hour ago
If everybody starts to delay for 3 days, wouldn't it be the case that everyone would discover it on the 3rd day?
Most attacks are discovered 'pretty quickly' via scanning services and groups that monitor repositories. The problem is even an hour gap could mean tens of thousands of downloads and executions.
Vulnerability scanners and security researchers would be looking those first 3 days