Latest in Disclosure

Image credit:

NSA discloses most security flaws, but that's not the whole story

Jon Fingas, @jonfingas
November 8, 2015
Share
Tweet
Share

Sponsored Links

The National Security Agency is opening up a bit about how it discloses security exploits... though not by much. Officials have posted an infographic boasting that the NSA shares details about 91 percent of the security flaws it finds, with the remaining 9 percent either fixed by vendors first or held back for "national security reasons." As it argues, it's in the country's best interests to protect the internet by "responsibly" letting software developers know about these dangerous bugs. There wouldn't be much point to holding back on these details if it wrecked the internet, the surveillance outfit says.

This sounds altruistic on the surface, but critics argue that the NSA is playing a shell game in an attempt to distract from the real problems. The issue isn't so much how many exploits are revealed as when they're revealed. After all, it isn't exactly generous to keep vulnerabilities secret, use them to spy on people, and talk about them only after you've gathered the intelligence you need. And of course, not all exploits are created equal. Disclosing a raft of minor, easily fixed security holes doesn't matter much if you keep the bigger examples to yourself. The NSA's figures would only be meaningful if the organization always revealed exploits to companies as soon as possible, no matter how serious those flaws might be.

[Image credit: AP Photo/Patrick Semansky]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The Morning After: Tesla's $25,000 EV, and its 200 MPH-capable Model S

The Morning After: Tesla's $25,000 EV, and its 200 MPH-capable Model S

View
Microsoft is holding Xbox Series X and S stock for launch day

Microsoft is holding Xbox Series X and S stock for launch day

View
The Galaxy S20 FE is a Samsung flagship for the rest of us

The Galaxy S20 FE is a Samsung flagship for the rest of us

View
Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

View
Tesla's 1,100HP 'Plaid' Model S sport sedan will arrive in late 2021

Tesla's 1,100HP 'Plaid' Model S sport sedan will arrive in late 2021

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr