Booming 'zero-day' trade has Washington

May 12 [Sun], 2013, 14:27
By Joseph Menn

WASHINGTON (Reuters) - The proliferation of hacking tools known as zero-day exploits is raising concerns at the highest levels in Washington, even as U.S. agencies and defense contractors have become the biggest buyers of such products.

White House cybersecurity policy coordinator Michael Daniel said the trend was "very worrisome to us."

Asked if U.S. government buying in the offensive market was adding to the problem, Daniel said more study was needed. "There is a lot more work to be done in that space to look at the economic questions...so we can do a better job on the cost-benefit analysis," he said.

Some security experts say the government's purchasing power could help instead of hurt. They argue the U.S. government should bring the market into the open by announcing it will pay top dollar for zero-days and then disclosing all vulnerabilities to the companies concerned and their customers.

"Given that people are now buying vulnerabilities, the U.S. should simply announce that it is cornering the market, that they will pay 10 times anyone else," said Dan Geer, chief information security officer at In-Q-Tel, the U.S. intelligence community's venture capital firm. He said he was speaking outside of his official capacity.

Richard Clarke, who served as counter-terrorism chief in the White House before becoming a cybersecurity advisor there a decade ago, said the government should at least review the exploits it has and disclose the vast majority.

"In some rare cases, perhaps the government could briefly withhold that information in order to run a high-priority collection mission," he said. "Even then, however, the government should closely monitor to see if anyone else has discovered the vulnerability and begun to use it."

Howard Schmidt, who served as White House cybersecurity czar under Obama, said he agreed with Clarke's approach. Asked if he had made the same argument during his recent two and a half years in the White House, he said he couldn't betray confidences by going into detail.

But Schmidt added: "The entire discussion on cascading effects and the sort of unintended consequences of any type of malware was had more than once...That's the discussion that needs to continue to take place."

(Reporting by Joseph Menn; Editing by Jonathan Weber and Claudia Parsons)



http://francespor.skyrock.com/3161517398-Syncretism-The-Religious-Context-of-Christian-Beginnings-in-Korea-SUNY.html
http://dexterbdny.soclog.se/p/2013/5/?link=1368326083
http://parofzon.metroblog.com/the_2009_2014_world_outlook_for_pressure_sensitive_base_stock_excluding_stock_for_labels_ebook
http://twitpic.com/cpxwpc
http://lymanqtha.jigsy.com/entries/general/downloads-reprint-1979-yearbook-wilson-high-school-west-lawn-pennsylvania-e-book
http://friendfeed.com/kbclu/8f86d213/downloads-annotated-glossary-to-ar-rawzatu-z
http://aehauoqry.metroblog.com/downloads_no_hay_fever_a_railway_summers_in_st_andrews,_canada_s_first_seaside_resort_book
http://darrinidqm.jimdo.com/2013/05/12/the-illusion-of-civil-society-democratization-and-community-mobilization-in-low-income-mexico/
http://en.netlog.com/sunnystriegel/blog/blogid=23387727
http://en.netlog.com/jacquelinleming/blog/blogid=23387728
http://claraoafibb.webs.com/apps/blog/show/26299054
http://friendfeed.com/pouhpqi/991f8e1b/downloads-after-surge-case-for-u-military
http://vhteouou.altervista.org/open-services-innovation-rethinking-your-business-to-grow-and-compete-in-a-new-era-book-downloads/
http://jettaluyyin.webs.com/apps/blog/show/26299052
http://friendfeed.com/piksyf/5848f250/unshaken-ruth-lineage-of-grace-series-3-read
http://brynnhuarn.webs.com/apps/blog/show/26299055
http://evanmooc.skyrock.com/3161517416-The-early-history-and-antiquities-of-freemasonry-As-connected-with.html
http://xiyechop.solideblog.com/The-first-blog-b1/Download-Breast-Cancer-in-the-Post-Genomic-Era-Current-Clinical-Oncology-book-b1-p53.htm
http://zebeqeat.altervista.org/downloads-trees-and-hills-methodology-for-maximizing-functions-of-systems-of-linear-relations-ebook/
プロフィール
  • プロフィール画像
  • アイコン画像 ニックネーム:archieoku
読者になる
2013年05月
« 前の月  |  次の月 »
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
最新コメント
ヤプミー!一覧
読者になる
P R
カテゴリアーカイブ
月別アーカイブ
http://yaplog.jp/archieoku/index1_0.rdf