On Wed, Jun 07, 2023 at 02:45:05PM -0700, William Herrin wrote:
[more stuff]
I've unpacked what a vulnerability is and is not for you. I've unpacked how you can't be violating confidentiality in a protocol which doesn't guarantee confidentiality for you. I've unpacked how abusing the vulnerability reporting system for something which isn't actually a security vulnerability dilutes the effectiveness of that reporting system for you. I've unpacked basic definitions of basic terms like "hard-coded" for you. Each time, you've just quietly picked up the goal posts and moved them downrange. Your argument has gotten increasingly ridiculous. It's obvious that you're more interested in "winning" than anything. I've dispensed the last of my advise. File your CVE. I look forward to tracking its progress. -- . ___ ___ . . ___ . \ / |\ |\ \ . _\_ /__ |-\ |-\ \__