|| ||Michal Zalewski <lcamtuf-AT-coredump.cx> |
|| ||Dave Aitel <dave-AT-immunityinc.com> |
|| ||Re: Neal Stephenson, the EFF and Exploit Sales |
|| ||Fri, 10 Aug 2012 15:09:00 -0700|
|| ||Article, Thread
EFF takes a variety of positions on a variety of topics - and while
they are great folks, if this is the first time you disagree with one
of their positions, I'm surprised :-)
That said... the side effect of governments racing to hoard 0-days and
withhold them from the general public is that this drastically
increases the number of 0-day vulnerabilities that are known and
unpatched at any given time. This makes the Internet statistically
less safe, and gives the government a monopoly in deciding who is
"important enough" to get that information and patch themselves. The
disparity in purchasing power is also troubling, given that
governments have tons of "free money" to spend on defense, and are
eager to do so, outcompeting any other buyers.
So I don't find EFF's argument particularly weird; it's possible to
hold that position and believe that the current patterns of
vulnerability trade are detrimental to the health of the Internet.
It's also possible to hold a different view.
to post comments)