Follow

why do security vulnerabilities have names and logos

@tuxcrafting security researchers exploiting herd psychology bugs to get them more recognition
@tuxcrafting because security engineers and researchers are nerdy and get annoyed by everyone ignoring hugely critical vulnerabilities

Most people these days generate hype otherwise nothing gets fixed, it's pretty sad

@tuxcrafting @absturztaube @eal Because designing a cute mascot is time-consuming. They just have so little time to name it and draw a logo.

@tuxcrafting to make them more appealing to learn about? CVE IDs are boring

@tuxcrafting
That's a good question!

The first big vuln with a name and logo was heartbleed. This made it easier to sell to news media, which in turn made patching easier to sell to executives.

The name and the logo make the vulnerability seem serious. Unfortunately, after the first one that does this, now managers won't authorize a maintenance window for any bug that doesn't.

So now every bug needs marketing.

Sign in to participate in the conversation
Moe Goods and Supplies

All your moe needs! A kind, generalistic instance where everyone is welcome! Important: if you sign up, be sure to check "spam" for your confirmation email if it does not appear.