Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Navy Solicits Zero Days

Posted by samzenpus on from the how-would-you-break-this? dept.

msm1267 writes: The US Navy posted a RFP, which has since removed from FedBizOpps.gov, soliciting contractors to share vulnerability intelligence and develop zero day exploits for most of the leading commercial IT software vendors. The Navy said it was looking for vulnerabilities, exploit reports and operational exploit binaries for commercial software, including but not limited to Microsoft, Adobe, [Oracle] Java, EMC, Novell, IBM, Android, Apple, Cisco IOS, Linksys WRT and Linux, among others. The RFP seemed to indicate that the Navy was not only looking for offensive capabilities, but also wanted use the exploits to test internal defenses.The request, however, does require the contractor to develop exploits for future released CVEs. "Binaries must support configurable, custom, and/or government owned/provided payloads and suppress known network signatures from proof of concept code that may be found in the wild," the RFP said.

1 of 59 comments (clear)

  1. Security and 1984 by Iamthecheese · · Score: 4, Insightful

    Little is more Orwellian among our government's many exploits than its attempts to break into our computer systems.

    The ever-present security camera? That's bad, but it's still out in public. It's on the street, maybe in the stores. They're not in your home, not yet. Rubber stamp warrants? That's worse: It allows targeted invasions of privacy. But at least it requires a the resources of a human with a paycheck and his own sense of morals. But breaking into computer systems? They're in our pockets, in our homes, and have access to every bit of our modern lives. From shopping lists to love letters to medicine prescriptions they contain whole lives. Snippets from every trip you've taken are encoded there.

    And a program doesn't have a sense of right and wrong. It will never refuse to spy on ethical grounds. It won't bring things up to the attention of oversight committees. It won't make anonymous calls to the ethics line. It won't refuse to work, leak information, or demand orders in writing. A program will quietly do as its told, wherever it can. Above all prying surveillance I believe ubiquitous IT access by the government needs to be contained.

    --
    If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.