• A_norny_mousse@piefed.zip
    7 hours ago

    And no-skilled attackers can buy exploits.

    Claude helping is insignificant to the story.

    The real headline should be:

    At least 14 companies’ IT security is practically non-existent

    • eldebryn@lemmy.world
      4 hours ago

      It is significant because a random teenager can’t google “download exploits” and have them available 5 mins later.

      Powerful AI models and agents, though, are at your fingertips without you even asking.

      Sure, people can buy guns. But what if every person could materialize a chainsaw instead regardless of their skill, maturity, age, or criminal record? 🤔

      • nomy@lemmy.zip
        2 hours ago

        Random teenagers can absolutely google “download exploits” and have them available, that’s pretty much always been the case…

        https://www.exploit-db.com/

        Full disclosure was a thing once upon a time, where exploits and proofs of concept were dumped publicly, forcing companies to fix the issue or be compromised. That’s mostly been moved away from in favor of responsible disclosure, giving companies time to patch the issue before it’s known publicly.

        Maybe we should be moving back to full disclosure to force these companies to take data security seriously. Or at least then we could point to a known vulnerability as proof the company is shitty and is neglecting their infrastructure.