Latest in Cyberwarfare

Image credit:

The US Navy wants to buy unpatched security flaws

61 Shares
Share
Tweet
Share

Sponsored Links

It won't surprise you to hear that governments are eager to buy unpatched security exploits for the sake of cyberdefense or surveillance, but they're rarely overt about it. No one must have told that to the US Navy until this week, however. The Electronic Frontier Foundation caught the military branch soliciting for both zero-day exploits and recently discovered vulnerabilities (less than six months old) for relatively common software from the likes of Apple, Google and Microsoft. The Navy quickly took the posting down, but it was clear the organization wanted to turn these flaws into "exploit binaries" -- that is, finished software that would be useful for attacks.

The American government has policies for disclosing exploits to app makers in time to protect the general public, and it's not clear that the software would be used strictly as an offensive weapon. Security testers often write programs to prove that security holes are dangerous, after all. However, the request raises questions about priorities. While the US is making arrangements to limit the export of zero-days and similar attacks, it's simultaneously encouraging security researchers to sell their findings before they warn developers. The fear is that you'll be left open to hackers for longer than necessary in the name of fighting digital wars.

[Image credit: AP Photo/Phil Coale]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
61 Shares
Share
Tweet
Share

Popular on Engadget

AT&T offers the LG G8X with a 'free' Dual Screen case

AT&T offers the LG G8X with a 'free' Dual Screen case

View
A machine-learning system may have predicted the World Series winner

A machine-learning system may have predicted the World Series winner

View
Spotify offers a free Google Home Mini to all US Premium subscribers

Spotify offers a free Google Home Mini to all US Premium subscribers

View
Major credit card companies launch a one-click checkout button

Major credit card companies launch a one-click checkout button

View
Samsung patent application showcases AR headset design

Samsung patent application showcases AR headset design

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr