SPECIAL REPORT: When it comes to hacking, the best defense is not the best offense.
Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers.
The strategy is spurring concern in the technology industry and intelligence community that Washington is in effect encouraging hacking and failing to disclose to software companies and customers the vulnerabilities exploited by the purchased hacks.
That’s because U.S. intelligence and military agencies aren’t buying the tools primarily to fend off attacks. Rather, they are using the tools to infiltrate computer networks overseas, leaving behind spy programs and cyber-weapons that can disrupt data or damage systems.
The core problem: Spy tools and cyber-weapons rely on vulnerabilities in existing software programs, and these hacks would be much less useful to the government if the flaws were exposed through public warnings. So the more the government spends on offensive techniques, the greater its interest in making sure that security holes in widely used software remain unrepaired.
Moreover, the money going for offense lures some talented researchers away from work on defense, while tax dollars may end up flowing to skilled hackers simultaneously supplying criminal groups. “The only people paying are on the offensive side,” said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency.
New Reuters app is an “Editors Choice” in the Apple App Store!
We’re so excited about how well the new app is being received. On top of that, there’s a lot of additional features coming soon. We’re only getting started, stay tuned.
Find out more about the new Reuters news app and download it here for iPad and iPhone.
Sheryl Sandberg, Facebook’s COO, discusses what CEO Mark Zuckerberg told her during her review. Despite being much younger, Zuckerberg delivered what she considers wise advice.
Google Inc said it will shut Google Reader on July 1, citing declining usage for the application that aggregates content served by web feeds, as it forges ahead with its strategy to focus on fewer products that have more impact.
What retired applications, websites and services do you miss?
Researchers at Symantec Corp have uncovered a version of the Stuxnet computer virus that was used to attack Iran’s nuclear program in November 2007, two years earlier than previously thought.
Planning for the cyber weapon, the first publicly known example of a virus being used to attack industrial machinery, began at least as early as 2005, according to an 18-page report that the security software company published on Tuesday.
Stuxnet, which is widely believed to have been developed by the United States and Israel, was uncovered in 2010 after it was used to attack a uranium enrichment facility at Natanz, Iran. That facility has been the subject of intense scrutiny by the United States, Israel and allies, who charge that Iran is trying to build a nuclear bomb.
The brilliant phone idea Samsung & Apple didn’t dream up
The smartphone market may be massive, but most handsets basically look identical. That’s because the big boys are scared of taking risks, says the man behind Russia’s innovative YotaPhone.
Radio broadcasts in English from the BBC World Service are being jammed in China, the British broadcaster said on Monday, suggesting the Chinese authorities were behind the disruption.
“The BBC strongly condemns this action which is designed to disrupt audiences’ free access to news and information,” the BBC said in a statement.
China, which enforces strict restrictions on its domestic media, has been accused by several prominent foreign media of seeking to stop their news reports reaching Chinese audiences.
“The BBC has received reports that World Service English shortwave frequencies are being jammed in China,” said the London-based public service broadcaster.