[Dailydave] Neal Stephenson, the EFF and Exploit Sales
rmogull-dd at securosis.com
Sat Aug 11 17:02:33 EDT 2012
Dave Aitel wrote:
> So your theory here is that because the EFF is calling for regulation of
> the government's ability to use 0day it has bought, that they are still
> advocating some sort of freedom? Frankly, I can't for the life of me
> understand why the EFF would take these positions - they seem counter to
> its mission, if not just completely confusing. It's like some selection
> of people at the EFF got scared that 0day exists and took a random
> position on the matter, completely ignoring that their (former) support
> base has the opposite position on the "equities issue".
I don't the EFF cares much about the morality of 0day as a state vs.
state weapon in principle. I think this ties directly into concerns that
governments will leave people at risk of attack and use the tech to
wiretap. That's completely in-line with their history and beliefs, and
isn't random at all.
Our current environment is a fascinating experiment. For essentially the
first time in history, private arms manufacturers are creating identical
weapons as criminals, both of which rely on knowing vulnerabilities that
affect the public at large, and can be used anonymously. Very different
than guns and bombs due to the differing nature of offense and defense
between digital and kinetic.
Essentially, a government has to leave their population at risk of
attack from other governments or criminals in order to maintain part (a
core part) of their offensive capabilities. Everything is dual use.
Well, triple since you can use the same tools for intelligence
gathering. I mean quadruple since it could be nation-state intel, or law
Anyway, not saying this as a moral statement. But if you consider the
fear of 0day use for wiretapping, and the risk it leaves the populace
at, it seems totally consistent with the EFF stances in the past. Has
nothing to do with us attacking China.
More information about the Dailydave