We do seem to be talking past each other. Against better judgement, I'll try once more.
Dave Aitel can be the world's foremost expert on developing zero days with no peer in sight, but that doesn't automatically make him (or any expert) trustworthy. One of the great things about our government (when it functions correctly) is that we don't have to trust any one person in our government too much. We have things like transparency, checks and balances, competing interests and so on that help force everyone to be at least somewhat honest and responsible. The arguments that we should just shut up and trust the FBI and the NSA go counter to that. The EFF may not be expert in exploits, but even school children in the US understand basics about government corruption and the need for checks and balances.
I do think I understand Dave's argument. Oversight and transparency applied to US agencies with regards to exploits will not also be uniformly applied to non-US agencies and their use of exploits. Why does that matter even matter? Well, nobody seems to be coming out and saying as much but Dave and others strongly imply that we are in the middle of a secret all-out no-holds-barred high-stakes computer security war with other countries right now. Burdening the FBI and NSA with any kind of transparency or oversight requirements will put us at a disadvantage in that war and Bad Things will happen if we lose.
If that's really the case, then it sounds like we need Geneva Conventions for cyber war, something that protects all the worlds citizens from the land mines and mustard gasses of state sponsored computer hacking. Before that could ever happen we'd need to first admit we are in the middle of a cyber war, and nobody seems to want to do that.
Dave Aitel can be the world's foremost expert on developing zero days with no peer in sight, but that doesn't automatically make him (or any expert) trustworthy. One of the great things about our government (when it functions correctly) is that we don't have to trust any one person in our government too much. We have things like transparency, checks and balances, competing interests and so on that help force everyone to be at least somewhat honest and responsible. The arguments that we should just shut up and trust the FBI and the NSA go counter to that. The EFF may not be expert in exploits, but even school children in the US understand basics about government corruption and the need for checks and balances.
I do think I understand Dave's argument. Oversight and transparency applied to US agencies with regards to exploits will not also be uniformly applied to non-US agencies and their use of exploits. Why does that matter even matter? Well, nobody seems to be coming out and saying as much but Dave and others strongly imply that we are in the middle of a secret all-out no-holds-barred high-stakes computer security war with other countries right now. Burdening the FBI and NSA with any kind of transparency or oversight requirements will put us at a disadvantage in that war and Bad Things will happen if we lose.
If that's really the case, then it sounds like we need Geneva Conventions for cyber war, something that protects all the worlds citizens from the land mines and mustard gasses of state sponsored computer hacking. Before that could ever happen we'd need to first admit we are in the middle of a cyber war, and nobody seems to want to do that.