The best way to get these vulns into criminal hands would be to send them to criminals. And yet we haven't seen this.
-
-
Replying to @matthew_d_green @pwnallthethings and
Why not? Certainly the NSA would notice it right away. But would there be broad coverage of the form "NSA exploits used in crimes"? Nope.
2 replies 0 retweets 1 like -
Replying to @matthew_d_green @pwnallthethings and
Releasing publicly does get the stuff out to criminals and causes lots of press coverage.
1 reply 0 retweets 3 likes -
Replying to @thegrugq @pwnallthethings and
But would it be "NSA exploit used in attack" or just "big attack"?
3 replies 0 retweets 0 likes -
Replying to @matthew_d_green @thegrugq and
Also, it is possible that they are not seven-layer chess'ing this. They want publicity, to embarrass the NSA, generate the coverage we see.
1 reply 0 retweets 0 likes
Replying to @zeynep @matthew_d_green and
And they rely on reporters' lack of understanding of stuff like NSA is far from only one with bugs, and that there is no shortage of bugs.
5:25 AM - 1 Jun 2017
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.