U.S. Gov Insists It Doesn’t Stockpile Zero-Day Exploits

HardOCP News

Our government swears it isn't stockpiling zero-day exploits to hack our enemies. You know, because they have their hands full exploiting average citizens. ;)

For years the government has refused to talk about or even acknowledge its secret use of zero-day software vulnerabilities to hack into the computers of adversaries and criminal suspects. This year, however, the Obama administration finally acknowledged in a roundabout way what everyone already knew—that the National Security Agency and law enforcement agencies sometimes keep information about software vulnerabilities secret so the government can exploit them for purposes of surveillance and sabotage.
 
Can I sell you an exploitless cellphone in America? NOPE. Will Microsoft ship Windows without govt backdoors? NOPE. Can we ever have another phone conversation that dsps aren't transcribing and cataloging? NOPE...

Move on, this ship has sailed.
 
Not stockpiling zero-day exploits would be tying the government's hands behind its back!

Mitch McConnell said:
“This is the worst possible time to be tying our hands behind our backs,” Mr. McConnell said before the vote [on the USA Freedom Act], expressing the concerns of those who argued that the program was a vital tool in the fight against terrorism.

Good thing we had that Republican landslide...

Republicans: 4 Yays, 41 Nays
Democrats: 52 Yays, 1 Nay
Independents: 2 Yays
 
Not stockpiling zero-day exploits would be tying the government's hands behind its back!



Good thing we had that Republican landslide...

Republicans: 4 Yays, 41 Nays
Democrats: 52 Yays, 1 Nay
Independents: 2 Yays

The privacy versus security debate has always been a pendulum. In the summer of 2013, after the release of the Snowden information, the pendulum had swung as far from the opposite side of security probably since 9/11. With mad men chopping off heads and the Ebola outbreak, the pendulum has inevitably swung towards the middle again.
 
Not stockpiling zero-day exploits would be tying the government's hands behind its back!



Good thing we had that Republican landslide...

Republicans: 4 Yays, 41 Nays
Democrats: 52 Yays, 1 Nay
Independents: 2 Yays

Know why? I bet the mainstream media didn't tell. It was specifically because there was a 2-year extension to the Patriot Act amended into it. There was a major push among Republicans and libertarians to keep this from passing because it would extend the Patriot Act. If that amendment were removed, it would pass.

Of course, the Democrats didn't want that removed. It was a Democrat that added it to this bill. They've been using some aspects of it for political advantage.
 
Pretty sure that isn't why Senate leadership voted against it; they specifically wanted the NSA to keep that ability. A few voted no, like Rand, due to that reason. But the majority didn't want any rollback at all. In fact, an op-ed against it was titled something along the lines of, "The Reform ISIS would want". Scare tactics much?
 
They aren't zero days if nobody knows about them (besides them). See, totally innocent.
 
Aren't these the same creeps that insisted they don't collect cellphone metadata or read everyone's emails? I think there's a credibility problem here.
 
Why don't we just start our hacker army like China? Oh right, they aren't smart enough for that.
 
Aren't these the same creeps that insisted they don't collect cellphone metadata or read everyone's emails? I think there's a credibility problem here.

I bet you're onto something. I'm sure they have enough people employed to sift through 319 million Americans' emails.
 
This is TOTAL 100% fucking bullshit

NSA was openly using the Heartbleed bug for ages, and was WELL aware of it to protect their own systems from the flaw, and after the Heartbleed bug was shown and everyone patched it, information came out they were USING it and deemed it an "Acceptable risk" to the public's safety so they could use it to get into other people's systems

This is total 100% without a fucking doubt bullshit, US Gov does use zero day exploits.
 
This is TOTAL 100% fucking bullshit

NSA was openly using the Heartbleed bug for ages, and was WELL aware of it to protect their own systems from the flaw, and after the Heartbleed bug was shown and everyone patched it, information came out they were USING it and deemed it an "Acceptable risk" to the public's safety so they could use it to get into other people's systems

This is total 100% without a fucking doubt bullshit, US Gov does use zero day exploits.

QFT
 
Our government swears it isn't stockpiling zero-day exploits to hack our enemies. You know, because they have their hands full exploiting average citizens. ;)

Their claim is 100% false, since the way they DO stockpile them is through contracts, which by law are the property OF the United States government. Try not fulfilling your contract, and you get sued. There is tons of case law to support it. So if you are an independent working on a contract FOR THE US GOVT, but NOT a US GOVT employee, they will still charge you AS A US GOVT EMPLOYEE, then by legal case law, the US GOVT does stockpile zero day exploits.
 
Our government swears it isn't stockpiling zero-day exploits to hack our enemies. You know, because they have their hands full exploiting average citizens. ;)

Didn't we burn something like 4 with Stuxnet? The "smoke 'em if you get 'em" policy has never been too prevalent in our government when it comes to strategic advantages. I'm sure it's like the digital equivalent of Scrooge McDuck swimming in his money tower with the stockpile of zero days they still have.
 
Did we all read the same articles on this? I didn't read this one specifically but this is news from earlier in the week or last week. They said they do use zero-day exploits and don't release them all, but they do not stockpile them in large numbers as people believe. For example Heartbleed is one, not thousands stockpiled. They use a few it sounds like and they admitted to it but it's not "stockpiles" or an exaggerated amount.
 
Did we all read the same articles on this? I didn't read this one specifically but this is news from earlier in the week or last week. They said they do use zero-day exploits and don't release them all, but they do not stockpile them in large numbers as people believe. For example Heartbleed is one, not thousands stockpiled. They use a few it sounds like and they admitted to it but it's not "stockpiles" or an exaggerated amount.

What is a "stockpile" though? I think many in InfoSec would agree that a dozen would be a stockpile when it comes to zero day exploits.
 
"I did not have sexual relations...". Politicians can twist words around to make them technically true. They don't stockpile. Technically, they could have a few, but it's not the same as stockpiling thousands of nukes. So, it's not stockpiling. It's saving a few for later. You know, for our safety.
 
Can I sell you an exploitless cellphone in America? NOPE. Will Microsoft ship Windows without govt backdoors? NOPE. Can we ever have another phone conversation that dsps aren't transcribing and cataloging? NOPE...

Move on, this ship has sailed.

Who's dsps?
 
Aren't these the same creeps that insisted they don't collect cellphone metadata or read everyone's emails? I think there's a credibility problem here.

I think there is a basic misunderstanding of what SECRET means.
 
This is TOTAL 100% fucking bullshit

NSA was openly using the Heartbleed bug for ages, and was WELL aware of it to protect their own systems from the flaw, and after the Heartbleed bug was shown and everyone patched it, information came out they were USING it and deemed it an "Acceptable risk" to the public's safety so they could use it to get into other people's systems

This is total 100% without a fucking doubt bullshit, US Gov does use zero day exploits.

Shamus, did you miss that they admitted that they use them?
 
Their claim is 100% false, since the way they DO stockpile them is through contracts, which by law are the property OF the United States government. Try not fulfilling your contract, and you get sued. There is tons of case law to support it. So if you are an independent working on a contract FOR THE US GOVT, but NOT a US GOVT employee, they will still charge you AS A US GOVT EMPLOYEE, then by legal case law, the US GOVT does stockpile zero day exploits.

Nooo, this is 100% bullshit. A Contractor working for the Government does have to follow the same rules and laws as the Government themselves. Are there differences, yes, but the Government can't just hire Contractors to do things that would be illegal for them to do themselves.

I know, I am a contractor.
 
It doesn't count as stockpiling if they actively use them as soon as they find them...
 
I sure wish we lived in a perfect world where all governments had total transparency and there was never any need for anything like this.

But even if the US Government decided to never do anything like this ever again, it sure as shit wouldn't stop Russia, China, and a dozen other shit countries from continuing to do so.

I for one, am not in any great hurry to have my country put at a disadvantage when it comes to the way the world actually works.
 
Nooo, this is 100% bullshit. A Contractor working for the Government does have to follow the same rules and laws as the Government themselves. Are there differences, yes, but the Government can't just hire Contractors to do things that would be illegal for them to do themselves.

I know, I am a contractor.

Who said anything about it being illegal? It's not illegal. What I said was this is how they get around CLAIMING they personally do not, when in fact contractors DO save and come up with zero day exploits on a daily basis.

So yes, it IS bullshit as they are employed by the US GOVT.
 