[Wikimedia-l] law enforcement buying vulnerabilities on black market & leaving them unreported for surveillance

JP Béland lebo.beland at gmail.com
Tue Aug 20 05:30:09 UTC 2013 

I'm not sure what is your point here. How exactly readers of Wikimedia
projects are at risk here because of that story? Are you trying to say it
is the Foundation responsibility to protect the readers from the
vulnerabilities of their operating systems?

JP Béland



2013/8/19 James Salsman <jsalsman at gmail.com>

> While the trickling release of Edward Snowden's revelations from bad to
> worse in weekly incremental steps has been enormously effective in swaying
> public opinion, it has made formulating a meaningful response very
> difficult.
>
> A few weeks ago we learned that the FBI has been purchasing personal
> computer operating system vulnerabilities from gray and black-hat hackers
> on the black market, often for several tens of thousands of dollars each,
> and leaving them unreported and thereby unpatched for use in future
> surveillance operations:
> http://blogs.wsj.com/digits/2013/08/01/how-the-fbi-hacks-criminal-suspects/
>
> Unfortunately, this means that the vulnerabilities remain available to the
> criminal computer crime underground, affecting everyone including
> Foundation project readers and contributors alike.
>
> Very recently a well respected group of researchers characterized this
> state of affairs as "preferable" to the complexity of additional
> surveillance network and systems infrastructure:
> http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2312107
>
> This is a false dichotomy which directly places Foundation project readers
> and editors at risk, but does so along with virtually everyone else who
> uses personal computer or smartphone equipment. However, I think it is an
> important aspect to address because none of the other recent eavesdropping
> revelations put people at risk to organized computer crime, blackmail, and
> extortion in the same way.
>
> Is there any reason to exclude action on a particular issue just because it
> effects everyone else along with our users?
> _______________________________________________
> Wikimedia-l mailing list
> Wikimedia-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> <mailto:wikimedia-l-request at lists.wikimedia.org?subject=unsubscribe>

More information about the Wikimedia-l mailing list