One of the great differences between people who've dealt with exploits their whole lives and people who are in the national security policy space just starting with exploits is the concept of an exploit being a singular thing. If you've tried to hack into a lot of networks, you generally view your capabilities as a probabilistic function. The concept of making a one-by-one decision on how releasing any particular vulnerability to the vendor would affect your future SIGINT is an insane one since the equities issues are a "collective" noun.
|
LINK (This equities issue argument made here about the Trump admin declassifying FBI texts is familiar to those of us to follow the VEP) |
As you can see above the "presumption of public disclosure" line feels almost stolen directly out of one of Stanford or Belfer's VEP papers.
No comments:
Post a Comment