Slashdot Mirror
Hacking Team Breach Leaks Zero-Days, Renews Fight To Regulate Cyberweapons
Patrick O'Neill writes: In the days following a massive hack that confirmed Hacking Team's dealings with repressive regimes around the world, experts are wondering once again how to stop Western technology companies from equipping certain governments with weapons meant to attack journalists, human rights activists, and ordinary civilians. Regulation's backers say that "this is an industry that has failed to police itself," ACLU's Christopher Soghoian argued, but many including the EFF warn that overly broad legislation would harm more than help. In addition, wiredmikey points out that a number of exploits have been released in the wake of the hacking: Several exploits have been discovered, including ones for zero-day vulnerabilities, in the hundreds of gigabytes of data stolen by a hacker from the systems of surveillance software maker Hacking Team. Researchers at Trend Micro analyzed the leaked data and uncovered several exploits, including two zero-days for Adobe Flash Player. A readme document found alongside proof-of-concept (PoC) code for one of the Flash Player zero-days describes the vulnerability as "the most beautiful Flash bug for the last four years since CVE-2010-2161." In addition to the Flash Player exploits, researchers spotted an exploit for a Windows kernel vulnerability, a flaw that fortunately has already been patched. Adobe told SecurityWeek that it's aware of the reports and expects to release a patch on Wednesday.
experts are wondering once again how to stop Western technology companies from equipping certain governments with weapons meant to attack journalists, human rights activists, and ordinary civilians.
Are their any governments left that DON'T do this as a matter of practice?
SJW's don't eliminate discrimination. They just expropriate it for themselves.
Wait, why? Why does that have to be so black and white? There's a world of difference between an adobe flash exploit and the availability of a gun that can mow down a large number of people in a matter of seconds.
First, the entire idea of cyberweapons is laughable. Exploits are only possible because of flaws in the code. That is no more a weapon than an unlocked door.
Second, you cannot regulate them as they are immaterial. It would be possible to discover a previously unknown vulnerability, and then not record the finding anywhere. Congratulations, you have a cyberweapon in your brain. Good luck regulating that.
Why should an ideological stance on the regulation of guns and computers be the same? They clearly are different tools with much different uses.
I think you are wrong about that. The ideological stance on gun ownership in the bill of rights had a lot to do with empowering people to overthrow their corrupt government. Guns no longer have that power for the most part. Computers do. When was the last time a Deer Rifle toppled a world power? When was the last time twitter did? The answer is 2011 Or maybe even 2014
Computers aren't the same thing as guns, in fact they are a lot more powerful.
> You are more likely to be killed driving home tonight.
That's why I tell my employer I have to get home before sunset.
Pull my finger for my public key.
Is it just me or does Adobe's software have the worst engineering practices practices in the industry. Every other fucking week there's an Adobe vulnerability. Scratch your ass, Adobe Vulnerability. Sneeze? Adobe Vulnerability. Walk your dog? Adobe Vulnerability.
This company needs to just be banned from producing any software, period, unless they provide the source code as well.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
You do your cause no good when you edit out crucial words.
The actual quote: "A foolish consistency is the hobgoblin of little minds".
"I don't know, therefore Aliens" Wafflebox1