Vulnerability Research Is Cooked

Maybe it will be way easier to find CVEs in software - but the hospital example doesn't add up at all. We already have thousands of attackable targets in the wild these days. Unpatched windows servers, linux, outdated software etc. Most hospitals are known for being completely unshielded when you actually plug your ethernet cable into the wall. So the fact that a lot of existing installations are attackable is not new.

Harrowing. Security defences will improve too. But the pace might be different:

• attacks are parallelised and global, and security defences already have gaps
• improving defence needs coordination, and risks breaking things

I fear that to keep up, we'll see yet more locking down of devices, yet more "war on general computation".