Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Michal Zalewski <lcamtuf <at> coredump.cx>
Subject: Re: Neal Stephenson, the EFF and Exploit Sales
Newsgroups: gmane.comp.security.dailydave
Date: Friday 10th August 2012 22:09:00 UTC (over 5 years ago)
EFF takes a variety of positions on a variety of topics - and while
they are great folks, if this is the first time you disagree with one
of their positions, I'm surprised :-)

That said... the side effect of governments racing to hoard 0-days and
withhold them from the general public is that this drastically
increases the number of 0-day vulnerabilities that are known and
unpatched at any given time. This makes the Internet statistically
less safe, and gives the government a monopoly in deciding who is
"important enough" to get that information and patch themselves. The
disparity in purchasing power is also troubling, given that
governments have tons of "free money" to spend on defense, and are
eager to do so, outcompeting any other buyers.

So I don't find EFF's argument particularly weird; it's possible to
hold that position and believe that the current patterns of
vulnerability trade are detrimental to the health of the Internet.
It's also possible to hold a different view.

/mz
 
CD: 2ms