Originally Posted by
JBord
How about getting your research published in a respectable trade journal? I'm not in the IT or security business, but I am a long-time professional in my industry, and tweeting about stuff like this just comes across as childish.
Trade journals are easily ignored. Employee reports are easily ignored. If you look back at most of the major breaches they are have a history of ignored warnings from inside and outside the company. I would be shocked if his Twitter stunt hasn't shed more light and attention on the topic than any published article would have. So, from an effectiveness standpoint, Twitter was more likely to get something done despite your views. I am not disagreeing with your views but the role of social media in terms of reporting security issues is evolving - mostly due to the lack of action or attention businesses have placed on more traditional methods of disclosure