[Dailydave] Various things people say.

Moses Hernandez moses at moses.io
Wed Jan 8 17:14:40 EST 2014


While this whole thing about Edward Snowden, the NSA, privacy, and all other interesting meme’s have been flying about for almost a year now, I found this story rather interesting:

http://www.nytimes.com/2014/01/07/us/burglars-who-took-on-fbi-abandon-shadows.html?_r=0

Just thought that while everyone debates these interesting targets from a technical perspective, zero-day and weaponize clandestine operations in the world of cyber, I thought this article took us back to a ‘simpler’ time. Simple from a consumer standpoint anyway. It’s also intereting to see the cyclical nature o these things. I’m not passing judgement nor am I lawyer. Fascinating however. So while clicking the link, I just want to say, relevant. 

On Jan 8, 2014, at 4:08 PM, Dave Aitel <dave at immunityinc.com> wrote:

> 
> http://www.washingtonpost.com/world/national-security/nsa-considers-shifting-database-of-domestic-phone-logs-to-third-parties/2014/01/07/1df6b7f6-7718-11e3-8963-b4b654bcc9b2_story.html
> 
> Should NSA point out holes?
> 
> Among the weapons in the NSA’s arsenal are “zero day” exploits, tools that take advantage of previously unknown vulnerabilities in software and hardware to break into a computer system. The panel recommended that U.S. policy aim to block zero-day attacks by having the NSA and other government agencies alert companies to vulnerabilities in their hardware and software. That recommendation has drawn praise from security experts such as Matt Blaze, a University of Pennsylvania computer scientist, who said it would allow software developers and vendors to patch their systems and protect consumers from attacks by others who may try to exploit the same vulnerabilities.
> 
> “This is not to say that reporting a vulnerability means that NSA can’t also exploit it against their targets, only that their overall national security role means that their first responsibility must be to work to fix it,” Blaze said.
> 
> But Schaeffer said: “You’re taking a potential weapon away from the very people we’re asking to protect the nation. Those people ought to be able to use their best technical professional judgment as to when it’s appropriate to alert industry that there’s a vulnerability.”
> 
> 
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140108/09ed42cc/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140108/09ed42cc/attachment.sig>


More information about the Dailydave mailing list