> Okay sure, but what happens when a high CVE is discovered that requires immediate patching?

I'm pretty sure, once cooldowns are widely implemented, the first priority of attackers will become to convince people to make an exception for their update because "this is really really urgent" etc.

At least it’s a bit harder because you need to finesse the manual review somehow; and it’ll leave a bigger paper trail. It’s not a perfect defence but it’s an improvement.