• @ozymandias117
    link
    English
    299 months ago

    Even in open source, responsible disclosure is generally possible.

    See, e.g. Spectre/Meltdown, where they worked privately with high level Linux Kernel developers for months to have patches ready on all supported branches before they made the vulnerability public