In practice the point of most security research is: get the paper published and ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		roca on Aug 16, 2019 \| parent \| context \| favorite \| on: A Walk in Hong Kong In practice the point of most security research is: get the paper published and give the talk, or sell the zero-days, or use them yourself, and then move on to the next thing. The actual non-sexy defensive work of cleaning up bugs and implementing countermeasures, i.e. the real work on improving security instead of making it worse, is mostly done by rank-and-file software and hardware developers whose names are never known.

eeZah7Ux on Aug 16, 2019 [–]

> the real work on improving security ... is mostly done by ... developers whose names are never known

And it's a very thankless job.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact