Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You have it the wrong way around. Tagging the release as security allows nation-state level attackers with large budgets to investigate the fixes, while normal people have to wait to patches. This gives nation-state level attackers with large budgets a heads-up, making it worse for everyone else. Furthermore, nation-state level attacks with large budgets are more focused on offense than defense.


This comment is totally baseless. Anyone who does linux kernel exploit development knows how to crawl the commit log or syzkaller.


I'm sorry, but I'm not a nation-state. I wish I was though.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: