Bengt Richter <bokr@bokr.com> writes:

> Given that crims &co monitor developer discussions to discover
> unfixed vulnerabilities and clues re exploiting them,
> what are your ideas to avoid building a tool that can be abused?
>
> E.g., How will your tool avoid leaking info during an embargo window
> while trusted developers are secretly/privately fixing
> critical vulns?

That's a point to consider I think. Most of what I'm thinking about is
for published vulnerabilities in software packaged for Guix, but you
raise a valid point, so thanks for bringing it up.

Chris