Some people are angry at the U.S. government for secretly stockpiling exploits for security flaws so that they can use them to spy on people. The latest outcry came late last week after the revelation that spies — in this case, believed to work for the United Arab Emirates — tried to hack an activist’s iPhone using three separate flaws not revealed to Apple by the government.
Like it or not, you should assume instead that they will exploit them either until someone else finds the vulnerability — a vendor, researcher, or ethical hacker — or until it’s in the government’s interest to disclose it, such as when it knows a competing power has found it as well. Even the United States, where the official policy is to quickly release details of discovered exploits to affected vendors, has acknowledged it doesn’t release exploits it thinks it can use.
This reality imposes a high price on everyone because it means we have to spend the effort to find the vulnerabilities on our own knowing that they could be used against us until we do. Vendors and researchers need to redouble their efforts as a result.
Read More: Info World
Featured Image – Wikimedia Commons
PLEASE SUBSCRIBE TO CONTINUE READING.
Your subscription is important and supports our editorial integrity and our 100% veteran writing team. Advertisers these days are afraid of being associated with controversial news outlets, like us, that take a stand. Your subscription is vital to ensuring we can continue to publish the courageous apolitical news we are known and respected for as former combat veterans.Subscribe or login