> Do you want to keep the world vulnerable for a 6 month window?
There exist far more bugs than discovered bugs. By revealing it, I put some people at risk (those who fail to update), and by hiding it I put more people at less risk (everyone, but only if someone else discovers the bug).
It's a tradeoff, but 6 months is a good window for most people to update, while there still not being too much chance of the bug being independently discovered.
There exist far more bugs than discovered bugs. By revealing it, I put some people at risk (those who fail to update), and by hiding it I put more people at less risk (everyone, but only if someone else discovers the bug).
It's a tradeoff, but 6 months is a good window for most people to update, while there still not being too much chance of the bug being independently discovered.