National Security Council cyber-security coordinator Michael Daniel, who is also President Obama’s top adviser on cyber-security matters, has sought to reassure Americans about the government’s use of software exploits to spy on them. The result was anything but.
In a denial with loopholes big enough to drive a truck full, Daniel insisted that the government only exploits some of the software vulnerabilities they find, and that most zero-day exploits, undiscovered exploits in newly released software, are actually reported to the manufacturer.
That’s hardly reassuring, as in exploiting any given major piece of software the government really only needs a single major vulnerability. If anything, reporting “most” of them may lull the software makers into a false sense of security, believing that the government’s reports are all-inclusive, as opposed to just sort-of-inclusive.
Daniel maintains that disclosure is the “default,” and that the exceptions are in the minority. That said, Daniel declined to answer any questions on the number of such exploits that the government has “stockpiled” without reporting, insisting only that it wasn’t nearly as big a number as some people might think.
Yeah right. And how do we know Intel, AMD, Samsung, Qualcomm, TSMC, etc. isn't building in hardware backdoors anyway. It's not like those corporations can be trusted in the least. They'll bend over backward the moment the NSA/Google's chief creeps Schmidt/Cohen come knocking. That would save the NSA the trouble of having to intercept technology orders during shipping.