A commission would find that there was no problem whatsoever.
Almost everybody misunderstands NSA's defensive mandate. They aren't corporate America's QA department, they don't have a "let's find and report exploits" mission - their defensive mission applies to "national security systems" and other "defense industrial base" ones. Those are computers/networks running fairly specific tasks; they are generally not internet connected, and sitting in secure buildings with 24 hour security and surveillance, so securing them revolves around a lot of physical security and controlled access.
YOU don't have one of these systems, corporation XYZ doesn't have one, there is no requirement NSA disclose jack shit to anybody unless they want to. And in the ETERNALBLUE case one of their tools leaked so they helped head off a lot of problems by voluntarily telling Microsoft about it.
As for who is responsible for this - I thought all the people here are free market worshipers. If Silicon Valley tech companies, one of the richest class of private enterprises in the world, need what are effectively government subsidies to cover their bug ridden insecure products, well that sounds like multiple market failures to me.
Almost everybody misunderstands NSA's defensive mandate. They aren't corporate America's QA department, they don't have a "let's find and report exploits" mission - their defensive mission applies to "national security systems" and other "defense industrial base" ones. Those are computers/networks running fairly specific tasks; they are generally not internet connected, and sitting in secure buildings with 24 hour security and surveillance, so securing them revolves around a lot of physical security and controlled access.
YOU don't have one of these systems, corporation XYZ doesn't have one, there is no requirement NSA disclose jack shit to anybody unless they want to. And in the ETERNALBLUE case one of their tools leaked so they helped head off a lot of problems by voluntarily telling Microsoft about it.
As for who is responsible for this - I thought all the people here are free market worshipers. If Silicon Valley tech companies, one of the richest class of private enterprises in the world, need what are effectively government subsidies to cover their bug ridden insecure products, well that sounds like multiple market failures to me.