it is because security researchers are mostly not-developers. why should we have to fix your fucking broken-ass shitty code?
FFmpeg
 @FFmpeg
Nov 4
It's interesting how the security "research" community is happy to write the most ruthless things when they find security flaws. But get upset when called out about sending patches to volunteer projects like FFmpeg (or libxml2)
70
2
22
134
Replying to @evildojo666
If you’re not a developer how do you know how broken and shitty it is? Bugs and vulnerabilities aren’t always as straightforward as “program bad”

Nov 4, 2025 · 2:32 PM UTC
16