Secret service can not decide whether software vulnerabilities remain secret




The GISS and DISS may not previously disclosed vulnerabilities in software that it detects not keep to herself. Someone else must determine whether detected vulnerabilities to be reported, the Senate decided Tuesday.

Bug in Windows (smaller) On that control can for example involve the Minister himself or a “sounding board”, says Labour senator Klaas de Vries across Networks. Tuesday adopted his motion that the Senate calls to ensure this. Only the PVV voted against the motion.

Minister Ronald Plasterk said a few weeks ago in the Senate that the secret service AIVD and DISS themselves to decide whether vulnerabilities need to be shared with others. Services would do in any case as a vulnerability threatens national security, assured Plasterk. In the new situation vulnerabilities would still be kept secret, but it is no longer the secret service itself that makes the balancing of a vulnerability to be shared.

Earlier Plasterk said in parliament that vulnerabilities can be used to spy. Hostile regimes Being not previously discovered vulnerabilities, called zero days, most valuable: those problems are still not been patched and therefore easier to abuse. Among others in attacks on Iranian nuclear facilities, probably by the United States were zero days used.

In: Technology & Gadgets Asked By: [18475 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »

Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]