Cryptographers engage in war of words over RustSec bug reports and subsequent ban
Summary
Cryptographer Nadim Kobeissi has been attempting to report critical bugs in Rust cryptography libraries since February. However, his reports have been met with dismissal, and he has been banned from Rust security channels, leading to a public dispute among cryptographers.
IFF Assessment
This situation is 'foe' because it highlights potential friction in the responsible disclosure process, which could hinder the timely patching of vulnerabilities and leave systems at risk.
Defender Context
This incident raises concerns about the effectiveness of security reporting channels and the potential for valuable vulnerability information to be suppressed. Defenders should be aware of the importance of robust and open communication within security communities to ensure timely patch deployment.