Zeroday 01100100011010010

Bruce Schneir is a security critic, businessman and all star crypto-expert who has been following the “boarding pass hacker” story. In a recent NYT article he offers the following on disclosure and I think it maps quite nicely to what I’ve been considering for the vulnerability research paper I’ve been helping out on.

” ‘Why should we help the bad guys?’ The answer, he said, is that the bad guys aren’t helped — because they almost certainly already know a system’s weak points — and that disclosing the weaknesses brings pressure on government agencies and their suppliers to improve security for the good guys.”

This NYT article is a little behind since the issue occured and blew over a while back. Even I have posts on this and my blog is hampered constantly by an overwhelming workload. I am glad to see that *some* public scruntity has come around to this case. The MA senator who called down the government on Christopher Soghoian seems woefully absent in the article but I just assume that is what politics are all about. To be fair Ed Markey (D – Mass) did reverse himself.

“Rogues are very keen in their profession, and know already much more than we can teach them.” — A.C. Hobbs