Dailydave mailing list archives
Re: Neal Stephenson, the EFF and Exploit Sales
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Sat, 11 Aug 2012 09:54:39 +1000
Dave, I believe the cause of this confusion is similar to that of say GPL vs BSD i.e. both claim to represent Open Source but GPL has restrictions while BSD doesn't. The core issue is the actual confirmation that vulnerabilities have been sold to government and the only academically vetted, please withhold flames :), example that I am aware is that disputes this is http://weis2007.econinfosec.org/papers/29.pdf. Yes, it is possible that the market may have matured over the past five years (i.e. I don't know) but I have observed someone claim to know of someone else who had been offerred +100K for a vulnerability in 2006 and then went silent when presented with http://weis2007.econinfosec.org/papers/29.pdf The other issue in relation to selling to government good and/or bad is the terrorist vs "freedom fighter" (depending on who you are in the global community) point of view. On Sat, Aug 11, 2012 at 5:57 AM, Dave Aitel <dave () immunityinc com> wrote:
So your theory here is that because the EFF is calling for regulation of the government's ability to use 0day it has bought, that they are still advocating some sort of freedom? Frankly, I can't for the life of me understand why the EFF would take these positions - they seem counter to its mission, if not just completely confusing. It's like some selection of people at the EFF got scared that 0day exists and took a random position on the matter, completely ignoring that their (former) support base has the opposite position on the "equities issue".
-- Regards, Christian Heinrich http://cmlh.id.au/contact _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Neal Stephenson, the EFF and Exploit Sales Dave Aitel (Aug 08)
- Re: Neal Stephenson, the EFF and Exploit Sales Kyle Maxwell (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Dave Aitel (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Jason Syversen (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Ben Nagy (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Bas Alberts (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Dave Aitel (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Don Bailey (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Christian Heinrich (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Tracy Reed (Aug 13)
- Re: Neal Stephenson, the EFF and Exploit Sales Adam Shostack (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Kyle Maxwell (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Haroon Meer (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Rich Mogull (Aug 17)
- <Possible follow-ups>
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 10)
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Adriel T. Desautels (Aug 14)
- Re: Neal Stephenson, the EFF and Exploit Sales Michal Zalewski (Aug 15)
- Re: Neal Stephenson, the EFF and Exploit Sales Loose Tweets (Aug 14)