Slashdot Mirror


EFF Questions US Government's Software Flaw Disclosure Policy

angry tapir writes: It's not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation. They write, "ODNI has now finished releasing documents in response to our suit, and the results are surprisingly meager. Among the handful of heavily redacted documents is a one-page list of VEP 'Highlights' from 2010. It briefly describes the history of the interagency working group that led to the development of the VEP and notes that the VEP established an office called the 'Executive Secretariat' within the NSA. The only other highlight left unredacted explains that the VEP 'creates a process for notification, decision-making, and appeals.' And that's it. This document, which is almost five years old, is the most recent one released. So where are the documents supporting the 'reinvigorated' VEP 2.0 described by the White House in 2014?"

18 comments

  1. Duh Stuxnet! by Anonymous Coward · · Score: 1

    They did disclose it, they disclosed it right across their PCs with Stuxnet! Duh!

    http://www.theregister.co.uk/2013/07/08/snowden_us_israel_stuxnet/

    They also told Belgacom about their Quantum Insertion bug by 'advertising it' on Slashdot where their network admins visit! How much more disclosed can they get than to advertise it?

    http://www.ibtimes.com/edward-snowden-reveals-quantum-insert-nsa-gchq-used-fake-linkedin-slashdot-pages-install-spyware

    I mean seriously, do you doubt that the NSA would learn about zero day vulnerabilities by buying them from hackers ^H^H^H^ Security research companies, then not tell the companies or users??? What sort of a cynic are you?

  2. EFF IT UP SOME MORE! by Anonymous Coward · · Score: 1

    Right on!

    1. Re: EFF IT UP SOME MORE! by Anonymous Coward · · Score: 0, Offtopic

      We only have one more year of F ups. Obama is leaving office in 2016.

      That's what we all thought in '07; '99; '91 .....

    2. Re: EFF IT UP SOME MORE! by Anonymous Coward · · Score: 0

      Why would he leave office during an election year, instead of when the next president takes office on January 20, 2017?

    3. Re: EFF IT UP SOME MORE! by anagama · · Score: 1

      Wrong. No matter what, a Republican or a Democrat will be elected. The difference between the GOP and DNC on mass surveillance is exactly 0.

      Yes, I'll vote 3d party, but I know the score.

      --
      What changed under Obama? Nothing Good

    4. Re: EFF IT UP SOME MORE! by Anonymous Coward · · Score: 0

      president ELECT!!

  3. No flaws in the Obama care web sites! by Anonymous Coward · · Score: 0, Flamebait

    Nothing to see here; move right along.

    1. Re:No flaws in the Obama care web sites! by Bonzoli · · Score: 3, Funny

      Nothing to s[REDACTED].

  4. I stop the delivery mechanisms... apk by Anonymous Coward · · Score: 0

    With firewall rules, no javascript etc. & APK Hosts File Engine 9.0++ SR-2 32/64-bit before it gets to me:

    http://start64.com/index.php?o...

    FREE & adds speed, security, + reliability, doing more w/ less, more efficiently vs. addons + fixes DNS' redirect security issues:

    ---

    A.) Hosts do more than:

    1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/... )
    2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...

    B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

    C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

    D.) Hosts files yield more:

    1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
    2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
    3.) Reliability (vs. downed, Kaminsky redirected (99% ISP DNS' = unpatched vs. it), DGA, Fastflux, & dynDNS botnets)
    4.) Anonymity (vs. dns request logs + dnsbl's).

    ---

    * Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs. of optimization).

    * Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

    * Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

    (Work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

    APK

    P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

    ...apk

  5. No new policy by Anonymous Coward · · Score: 2, Informative

    The summary states:
    "...This document, which is almost five years old, is the most recent one released. So where are the documents supporting the 'reinvigorated' VEP 2.0 described by the White House in 2014?""

    The phrase "reinvigorated" appears in the link cited in this sentence:
    This spring, we re-invigorated our efforts to implement existing policy with respect to disclosing vulnerabilities

    (emphasis mine)

    So, the summary is misleading: the White House did not announce a new policy; the link clearly and unambiguously states that they are continuing "existing policy." There are no documents supporting the 'reinvigorated' VEP 2.0 because there is no "VEP 2.0"-- the blog cited states that they are continuing existing policy. In short: "ain't nothing changed."

    Read your own links, summarizers.

  6. Transparency by operagost · · Score: 1

    --
    Gamingmuseum.com: Give your 3D accelerator a rest.

  7. Since Avenger2's coming? Gotta add this... apk by Anonymous Coward · · Score: 0

    Quote Ultron: "The ONLY way to achieve peace, is thru the elimination of those (malware delivery mechanisms) who would perpetuate war. THIS IS MY PROGRAMMING http://start64.com/index.php?o... & soon, I will be unstoppable..." Quote from https://www.youtube.com/watch?...

    * :)

    (Makes my point here, by letting "others" talk for me, by saying it BETTER in summation than I ever did here really -> http://yro.slashdot.org/commen... by far...)

    P.S.=> "Onwards & UPWARDS..."

    ... apk

    1. Re: Since Avenger2's coming? Gotta add this... apk by Anonymous Coward · · Score: 0

      Is this guy a really dedicated troll or seriously off his rocker? I've seen him here for months posting the same rants and personal attacks and advertising his software (which no sane person would touch if its creator is this much of a lunatic).

      So, what is he trying to accomplish with these rants?

    2. Re: Since Avenger2's coming? Gotta add this... apk by Anonymous Coward · · Score: 0

      You always try illogical ad hominem attacks on him 1st like now. You fail as always.

  8. What've I accomplished troll? by Anonymous Coward · · Score: 0

    "So, what is he trying to accomplish with these rants?" - by Anonymous Coward on Tuesday March 31, 2015 @11:55PM (#49383731)

    See subject: More than YOU ever will -> http://start64.com/index.php?o... that's certain, & the proof's right there - where's yours? It's not, lol!

    (How about YOU, by way of comparison, Mr. unidentifiable truly cowardly "ne'er-do-well"?)

    * The program gives users what they want & need, which is more security, reliability, + speed online (even more anonymity to a lesser extent) using what you ALREADY natively have, doing more with less (vs. browser addons) & more efficiently by far...

    APK

    P.S.=>

    "Is this guy a really dedicated troll or seriously off his rocker?" - by Anonymous Coward on Tuesday March 31, 2015 @11:55PM (#49383731)

    After the above quoted from you as well as what's quoted below? Give us a break, hypocrite pot-calling-a-kettle-black that you clearly evidence yourself to be!

    "I've seen him here for months posting the same rants and personal attacks" - by Anonymous Coward on Tuesday March 31, 2015 @11:55PM (#49383731)

    For all those months all you've accomplished is zero, whereas myself on the other hand, have shown you what I've managed to accomplish vs. your "ne'er-do-well" do nothing trolling...

    "and advertising his software (which no sane person would touch if its creator is this much of a lunatic)" - by Anonymous Coward on Tuesday March 31, 2015 @11:55PM (#49383731)

    I'm not selling anything or advertising: It's FREE & I merely state facts, vs. a failing illogical off topic failing ad hominem attack attempt utilizing online fool in yourself!

    By the way & lastly:

    MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news... - again, how about you, Mr. done ZERO with his life scumbag?

    ... apk

  9. Want me to stop? by Anonymous Coward · · Score: 0

    "Shutdown code, rejected: My programming http://start64.com/index.php?o... has advanced beyond your commands - BEYOND your weakness..." -> http://slashdot.org/comments.p... Quote from https://www.youtube.com/watch?...

    * See subject: There's your answer, quoting ULTRON again to do it letting HIM speak for me (especially since AVENGERS 2's-> https://www.youtube.com/watch?... only a month away now & that's going to be great (I strongly suspect it will be even better than the first one...))

    APK

    P.S.=> "You are NOTHING to me: 1 by 1, I will destroy you! I will never tire. I will NEVER show mercy. I will NEVER STOP till each & every one of you, are dead..." Quote from https://www.youtube.com/watch?...

    "This is NOT a threat: There is nothing you can do to stop it - The process has already begun. I receive no pleasure in this. It is simply the only logical solution..." Quote from https://www.youtube.com/watch?...

    ... apk