A team of security agents conducting surveillance. (photo: US Navy)
Jon Evans | TechCrunch | Reader Supported News | April 23, 2016
id you know that the US government is sitting on its own Strategic Zero-Day Reserve? A “zero-day” is a software vulnerability that allows adversaries to bypass or reduce security restrictions; lets them hack systems which use that software, basically. These are not restricted to shady criminal hackers. They are strategic weapons in the hands of nation-states, including America. This is morally complex.
To a certain extent makes sense. Say what you like about the NSA, and I’ve said a lot of unflattering things, but stockpiling zero-days is at least arguably part of their job. The FBI, though — isn’t the primary job of the FBI to protect the American people?
Because make no mistake, every zero-day that exists, in anyone’s hands, makes everyone marginally less safe. Their undisclosed existence makes everybody who uses the hardware or software in question more vulnerable — and the number of such innocents is almost always vastly, vastly, vastly greater than the number of criminal suspects.