The best part of the “going dark” debate is that we have to pretend sophisticated attacks by nation-states and criminals are some kind of Gibsonian sci-fi fantasy. It’s 2019. Theres a multi-billion dollar industry around attacking phone security systems.https://www.fastcompany.com/90307864/u-s-fund-sells-israeli-hacking-firm-nso-group-amid-spy-mystery …
-
-
if you can't sell your vulnerabilities to governments, aren't there fewer people looking for them now? so the bugs still aren't getting fixed.
-
there's also an argument to be made that for each time anyone uses an 0day, the risk of 0day being caught ITW increases.
- 13 more replies
New conversation -
-
-
Understood, but as a thought experiment would we need to write secure code if everyone agreed not to exploit bugs?
-
I think USG dropping out of the 0day market would have a substantial market impact, and move incentives enough to improve security, but this is probably too complex to agree on! For the purpose of discussion, let's just say a treaty is signed or something.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

