• ozymandias117@lemmy.world
    link
    fedilink
    English
    arrow-up
    29
    ·
    9 months ago

    Even in open source, responsible disclosure is generally possible.

    See, e.g. Spectre/Meltdown, where they worked privately with high level Linux Kernel developers for months to have patches ready on all supported branches before they made the vulnerability public