Dailydave mailing list archives
Re: Neal Stephenson, the EFF and Exploit Sales
From: Loose Tweets <loosetweets () gmail com>
Date: Fri, 10 Aug 2012 12:54:39 -0400
"Unfortunately, if these exploits are being bought by governments for offensive purposes, then there is pressure to selectively harden sensitive targets while keeping the attack secret from everyone else, leaving technology—and its users—vulnerable to attack."
So, taking these two together, what the EFF seems to advocate is that vulnerabilities and such purchased with the intent to be used for offensive operations should also be used in some way for defensive operations. Subject to OPSEC concerns, I think this is more or less correct: if we know of a bug, we know it has a limited shelf life (especially once it's used). It makes sense to then transition to fixing the same problem in our systems.
I get it now! If we just patch *all* the bugs, then there will be no bugs left for anyone else to exploit. Guys, this is brilliant. How did we get scooped by a few lawyers at the EFF when we've been working on this for years? -LT _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: Neal Stephenson, the EFF and Exploit Sales, (continued)
- Re: Neal Stephenson, the EFF and Exploit Sales Bas Alberts (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Don Bailey (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Christian Heinrich (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Tracy Reed (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Adam Shostack (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Haroon Meer (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Rich Mogull (Aug 17)
- Re: Neal Stephenson, the EFF and Exploit Sales Mary Landesman (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales David Maynor (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Adriel T. Desautels (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 15)
- Re: Neal Stephenson, the EFF and Exploit Sales Adriel T. Desautels (Aug 15)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 15)
- Re: Neal Stephenson, the EFF and Exploit Sales Adriel T. Desautels (Aug 15)
- Re: Neal Stephenson, the EFF and Exploit Sales Bas Alberts (Aug 16)
- Re: Neal Stephenson, the EFF and Exploit Sales Tracy Reed (Aug 17)
- Re: Neal Stephenson, the EFF and Exploit Sales Daniel Margolis (Aug 17)
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Dr. Sandro Gaycken (Aug 15)