Sombody needs that right into their face. Sometime repeatedly. threat actor = someone who wants to punch you in the face threat = the punch being thrown vulnerability = your inability to defend against the punch risk = the likelihood of getting punched in the faceacceptable risk = your willingness to be punched in the…
Until recently, notepad.exe was considered safe in terms of security vulnerability, mostly for its lack of features and therefore lack of attack surface. Until Vulnerability researcher at Google, Tavis Ormandy, took a closer look and popped a shell from notepad.exe. Awesome.
This a bit old already, but came to my attention only today. Every Product Manager, Designer and Front End Engineer should read and repeat this every day. Every corporate marketing guy should print and frame this and have it hanging somewhere in sight from his desk. The older I get, the more I realize the…