1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

NSA zero days and encryption backdoors need clear disclosure policies

Discussion in 'Network World' started by RSS, Aug 18, 2016.

  1. RSS

    RSS New Member Member

    The government has another public balancing act on its hands with the disclosure this week of exploits against commercial security products that were purportedly cooked up by the NSA.

    These attack tools revealed by a group called Shadow Brokers date from sometime before June 2013 and some of them were still effective this week, which means the NSA never told the vendors about them.

    That helps flesh out what the Obama administration meant two years ago when it said that under most circumstances the NSA would tell vendors if it exploits vulnerabilities in their security products. The exception: the disclosure policy wouldn’t apply if there were a clear national security or law enforcement need.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page