Journalists writing up the VEP plan today: most important revelation was enormous loophole permitting digital arms brokers to exempt (via routine NDAs used when proliferating bugs to >1 buyer) critical flaws in US infrastructure from disclosure no matter the cost to our security.
-
-
Uhm, by the time these hospitals were hit, the NSA had (allegedly) informed Microsoft about the vulnerabilities and Microsoft had (definitely) issued patches for them.
-
You can blame the NSA for letting their shit get stolen, or The Shadowbrokers for releasing it to the public, or the hospitals for not patching - but not the NSA for not disclosing responsibly.
-
Be serious. That's only true if you presume the only appropriate time for disclosure is when your bugs are literally advertised on the internet by the Shadowbrokers. Take at look at the age of the exploits, then contrast it to the age of the disclosure.
-
I understand your point, and I agree that this would be a preferable scenario. But what I am saying is that as soon as the vulnerability was known to have been leaked, the NSA disclosed it responsibly - exactly according to the VEP process.
-
You can say that the VEP process has flaws - but you can't blame the NSA for not following it in this case.
-
Respectfully, I disagree. That policy permits a thing does not by itself establish its propriety. NSA willfully concealed a catastrophic vulnerability for *years* -- in a manner demonstrably harmful to general welfare. They focused on what they *could* do rather than *should* do.
-
You may be misreading my contention as "NSA doesn't comply with the VEP." My argument (see original tweets) is that the VEP is broken.
-
I see; that's a valid point and I don't disagree with it. I'm not saying "I agree", either, because, honestly, I don't see how it can be improved. We can't know in advance which vulns will be stolen and published, and we can't realistically expect powerful vulns not to be kept.
- 7 more replies
New conversation -
-
-
Partly the fault of staff who, despite knowing about back doors in platforms such as Windows, deployed it anyway http://techrights.org/wiki/index.php/NHS …
-
To keep bus license, they must comply to disclosing metadata to gov b/c 3rd Party Doctrine by GWBush obliterating 4th Amendment.
#LegalizePrivacy -
Some of these companies would be wiser to relocate outside Five Eyes, e.g. Switzerland
End of conversation
New conversation -
-
-
Will you press for FSB (FAPSI) to release info on vulns? Asking for a friend.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Leaks caused those hospital problems. Leaks have killed people.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
you can't criticize the segregated Israel government can you? The moneychangers steal our money (diamonds gold silver platinum commodities land) and give us paper in return
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
There is an improperly enacted and unconstitutional CONFIDENTIALITY in every state.
@ABAesq Rule 1.6 undermines laws, rights and judiciary.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
#tagliateivitalizi Ecco cosa fa l'evasione, la corruzione,e i privilegi alla spesa pubblica. Massima condivisione Da non perdere!!!!pic.twitter.com/mYj6y3UUCoThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
You have certain MSM outlets that refer to William Binney as a conspiracist. This is the dishonesty & subversion being used to hoodwink the general public.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The NHS isn't the kind of organisation that has the resources to keep up with what seems to them must have seemed like background noise.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Joyce should
#RedTeam@Microsoft as a service to the American computer buying public.#GotRootThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.