I got "tutorials" and "open letters" from your comment.
I fundamentally disagree with the idea that publishing new ways to break software isn't the best tool we have to improve software security.
But even if I didn't, if you're going to berate someone for publishing an attack instead of doing something else, the onus is on you to come up with a plausible alternative.
I fundamentally disagree with the idea that publishing new ways to break software isn't the best tool we have to improve software security.
But even if I didn't, if you're going to berate someone for publishing an attack instead of doing something else, the onus is on you to come up with a plausible alternative.