zlacker

[return to "A case against security nihilism"]
1. gnfarg+bf[view] [source] 2021-07-20 20:32:51
>>feross+(OP)
"What can we do to make NSO’s life harder?" That seems pretty simple to me: We ask Western democratic governments (which include Israel) to properly regulate the cybersecurity industry.

This is the purpose of governments; it is why we keep them around. There is no really defensible reason why the chemical, biological, radiological and nuclear industries are heavily regulated, but "cyber" isn't.

◧◩
2. mrdoop+pg[view] [source] 2021-07-20 20:39:17
>>gnfarg+bf
The whole approach of regulating on the level of "please don't exploit vulnerable systems" seems reactive to me. If the cats out of the bag on a vulnerability and it's just data to copy and proliferate - not much a government can do other than threaten with repercussions which only applies if you get caught.

The only tractable way to deal with cyber security is to implement systems that are secure by default. That means working on hard problems in cryptography, hardware, and operating systems.

[go to top]