undefined | Better HN

0 pointskzrdude8y ago0 comments

Hm that's tricky. These awesome findings didn't exactly provide net value for google, not even on the not so short term (next 10 years?). They've created a large problem for Google! :-)

0 comments

ehsankia8y ago

Yes and no. The cost of some malicious party figuring it out and using it on Google would potentially been far greater than anything this could cost.

oh_sigh8y ago

How much value would be destroyed if black hats discovered the bug first and people started discovering that information from their Google cloud VMs was getting leaked?

Sure, Google could just patch themselves, but the information to recreate the issue would surely be leaked by a xoogler, since it only takes a single sentence describing the vuln for a competent sec team to recreate it

make38y ago

Discovering a vulnerability is not creating it. A vulnerability exists even if it was not publicly disclosed. There were probably other people already exploiting it.

tanilama8y ago

Imagine the law suit if Google fails to detect this....

j / k navigate · click thread line to collapse