> I don't think it poses a risk, but the tone - excited?, self-important? doesn't sit well with the idea of a professional security bod soberly reporting a serious problem.
What a surprise! Self-importance in an security industry that relies on reputation for consulting gigs?[1] You might have missed the ominous, grandiose vulnerability names, fancy logos and the PR-blitz now associated with any vulnerability worth a damn.
I'm an outsider, but even I know NetSec twittersphere is that last place to expect 'sober' communication.
1. I don't agree with your assessment that there was self-service in Tavis' tweet. To my knowledge Google Zero doesn't consult for anyone, he was probably excited and very surprised by what he saw and he needed to get it off his chest.
What a surprise! Self-importance in an security industry that relies on reputation for consulting gigs?[1] You might have missed the ominous, grandiose vulnerability names, fancy logos and the PR-blitz now associated with any vulnerability worth a damn.
I'm an outsider, but even I know NetSec twittersphere is that last place to expect 'sober' communication.
1. I don't agree with your assessment that there was self-service in Tavis' tweet. To my knowledge Google Zero doesn't consult for anyone, he was probably excited and very surprised by what he saw and he needed to get it off his chest.