[Dailydave] Various things people say.

Dave Aitel dave at immunityinc.com
Wed Jan 8 16:34:13 EST 2014 

That was a quote from the article that I wanted to highlight. I
obviously did not write that (in case there is some confusion).

-dave

On 1/8/2014 4:08 PM, Dave Aitel wrote:
>
>
> http://www.washingtonpost.com/world/national-security/nsa-considers-shifting-database-of-domestic-phone-logs-to-third-parties/2014/01/07/1df6b7f6-7718-11e3-8963-b4b654bcc9b2_story.html
>
> *Should NSA point out holes?*
>
> Among the weapons in the NSA's arsenal are "zero day" exploits, tools
> that take advantage of previously unknown vulnerabilities in software
> and hardware to break into a computer system. The panel recommended
> that U.S. policy aim to block zero-day attacks by having the NSA and
> other government agencies alert companies to vulnerabilities in their
> hardware and software. That recommendation has drawn praise from
> security experts such as Matt Blaze, a University of Pennsylvania
> computer scientist, who said it would allow software developers and
> vendors to patch their systems and protect consumers from attacks by
> others who may try to exploit the same vulnerabilities.
>
> "This is not to say that reporting a vulnerability means that NSA
> can't also exploit it against their targets, only that their overall
> national security role means that their first responsibility must be
> to work to fix it," Blaze said.
>
> But Schaeffer said: "You're taking a potential weapon away from the
> very people we're asking to protect the nation. Those people ought to
> be able to use their best technical professional judgment as to when
> it's appropriate to alert industry that there's a vulnerability."
>
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140108/62375cc3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140108/62375cc3/attachment.sig>

More information about the Dailydave mailing list