Mac Developer: NSA says how often, not when, it discloses software flaws | VentureBeat | Security | by Reuters
NSA says how often, not when, it discloses software flaws | VentureBeat | Security | by Reuters The U.S. National Security Agency, seeking to rebut accusations that it hoards information about vulnerabilities in computer software, thereby leaving U.S. companies open to cyber attacks, said last week that it tells U.S. technology firms about the most serious flaws it finds more than 90 percent of the time.
The re-assurances may be misleading, because the NSA often uses the vulnerabilities to make its own cyber-attacks first, according to current and former U.S. government officials.
It would seem the entire business of client side surveillance requires remote exploits, so why would they reveal them?
Labels: security policy