Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
November 7, 2015 06:00 pm

NSA Uses Vulnerabilities Before It Discloses Them, Keeps Some To Itself

An anonymous reader writes: The NSA, perhaps seeking to repair its reputation, has started talking about how it handles vulnerabilities in computer software. But in doing so, they've only confirmed their own questionable behavior. The agency says it discloses zero-day flaws about 91% of the time. This means, of course, that they hold back about 9% of the flaws for their own use. They also don't mention when they disclose these flaws — which is damning, given statements from several current and former government officials indicating the NSA frequently waits and takes advantage of the vulnerabilities before notifying the companies who make the compromised software. This is the NSA's argument: "[T]here are legitimate pros and cons to the decision to disclose vulnerabilities, and the trade-offs between prompt disclosure and withholding knowledge of some vulnerabilities for a limited time can have significant consequences. Disclosing a vulnerability can mean that we forgo an opportunity to collect crucial foreign intelligence that could thwart a terrorist attack, stop the theft of our nation's intellectual property, or discover even more dangerous vulnerabilities that are being used to exploit our networks."

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Zsd4HtqvQBY/nsa-uses-vulnerabilities-before-it-discloses-them-keeps-some-to-itself

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot