We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

Samizdata quote of the day

Noting the “unintended but disconcerting” link between nation-state activity and criminal activity, Smith adds that governments need “to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits”. The “Digital Geneva Convention” Redmond recommends would therefore require governments “to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them”.

Richard Chirgwin

Unintended? Not so sure about that.

7 comments to Samizdata quote of the day

  • Laird

    I’m sure it was “unintended” in the sense that the government wasn’t trying to enable (non-governmental) criminal activity; that was merely an unfortunate side effect. Just like the drunk driver who didn’t intend to kill anybody; it was just an unintended side effect. But the consequences are devastating, all the same.

    The NSA needs to be closed, its buildings torn down, and the ground sowed with salt. Plus maybe a few ceremonial public hangings, just to drive home the point.

  • Watchman

    Laird,

    I hate mentioning this, but surely the ground could be put to more productive uses than being salted (which in my experience doesn’t even kill moss never mind more pernacious infestations such as insane bureaucracy)…

    What concerns me is that somehow an intelligence agency has people working on computer security who are good enough to create this software, but still fail to understand security enough to stop it being stolen (it is not difficult to make a secure environment for this sort of thing – it’s called not putting it on a computer connnected to the internet…).

    All the best,
    Allan

  • Paul Marks

    The NSA is needed Laird – contrary to the Rothbardians it takes one (not two) to make a dispute – the United States being nice will not stop other powers attacking the United States, and NO they do not need a legitimate reason (the “Blowback” theory is wrong).

    However, the NSA (and the rest of the Executive) most be under Congressional oversight. Congress is often a pain in the you-know-where, and it contains many clowns (such as the Minority Leader of the House and of the Senate) – but it must be in a position of oversight over the Executive.

  • Sam Duncan

    While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday’s WinXP fix was built in February

    … built and digitally signed by Microsoft on February 11, 13 and 17, the same week it had prepared updates for its supported versions of Windows. In other words, Microsoft had fixes ready to go for its legacy systems in mid-February but only released them to the public last Friday after the world was engulfed in WannaCrypt.

    That’s not to let governments off the hook:

    Microsoft charged Britain’s National Health Service $200 per desktop for year one, $400 for year two and $800 for a third year as part of its contract. UK Health Secretary Jeremy Hunt cancelled the contract after a year as a cost-saving measure. The idea was that a year would give NHS trusts time to manage their upgrades and get modern operating systems, but instead it seems some trusts preferred to spend the money not on IT upgrades but on executive remuneration, nicer offices, and occasionally patient care.

    … but they’re both as bad as each other. Microsoft pretends to be part of the solution, but it’s very much part of the problem. I don’t know of a single Linux distro or BSD Unix that would sit on a security patch as serious as this for three days, let alone three months.

    Oh, yes: XP isn’t supported and users should be grateful they got anything at all. Well, perhaps. I can’t imagine anyone else patching a 16-year old OS (or having to), so one cheer for their belated and reluctant recognition of the world as it is rather than as they’d like it to be. But they didn’t release the patches for supported versions until March 14th, a month after they were built. And people pay for this?

  • Laird

    Paul, I didn’t say that the US doesn’t need an intelligence agency, merely that it shouldn’t be the NSA. It has gotten completely out of control. It’s not that Congress doesn’t control it; the Executive branch doesn’t, either. It’s gone rogue and is a real danger to what little remains of our freedom.

    But as to your other point, I disagree. The Executive and Legislative are co-equal branches of government; neither is subject to “oversight” by the other. Each has its legitimate powers which serve to constrain the other, but that’s as far as it goes.

  • DP

    Dear Mr de Havilland

    The difference between government and organised crime? One is illegal. But neither is lawful.

    DP

  • Thailover

    “The NSA needs to be closed, its buildings torn down, and the ground sowed with salt. Plus maybe a few ceremonial public hangings, just to drive home the point.”

    Nah…Snowden shows publically and repeatedly how the NSA *LIES* to congress in a blatantly felonious manner…and the “solution” is to hunt down Snowden and Assange, crying off with their heads. Shooting the messenger, isn’t that the path to peace? LOL.