Richardcyoung.com

The Online Home of Author and Investor, Dick Young

  • Home
  • How We Are Different
  • About Us
    • Foundation Principles
    • Contributors
  • Investing
    • You’ve Read The Last Issue of Intelligence Report, Now What?
  • Your Survival Guy
  • The Great Reset
  • My Rifles
  • Concentrate on Dividend Record and Compounding
  • Your Security
  • The Swiss Way
  • Dick Young
  • Debbie Young
  • Key West
  • Paris
  • Dick’s R&B Top 100
  • Liberty & Freedom Map
  • Your Health
  • Old Confederacy
  • Main Street Conservative
  • BLM’s Marxist Agenda
  • Ron Paul
  • Bank Credit & Money
  • Freedom Force

Did the NSA Know about Spectre and Meltdown?

January 9, 2018 By Richard C. Young

By Rawpixel.com @ Shutterstock.com

White House cybersecurity coordinator Rob Joyce, who formerly worked at the NSA, has said the agency had no knowledge of the Spectre or Meltdown vulnerabilities in Intel processors that came to light last week. Andy Greenberg reports in WIRED:

On Friday, White House cybersecurity coordinator Rob Joyce, a former senior NSA official, told The Washington Post that the NSA didn’t know about Spectre and Meltdown and had never exploited the flaws. Joyce has also touted a move to reveal more about the NSA’s rules for disclosing vulnerabilities it finds, a policy known known as the Vulnerabilities Equities Process.

Despite the almost uncanny anecdotal evidence for bug rediscovery that Spectre and Meltdown represent, it’s far from clear just how common that phenomenon has become. The Harvard Study co-authored by Bruce Schneier, for one, examined a trove of bug report data containing 4,300 vulnerabilities. Fourteen percent of Android vulnerabilities were reported again within just 60 days of their initial discovery, and around 13 percent of Chrome bugs. “For the NSA, holding onto vulnerabilities is way more dangerous than you’d think, given the raw numbers,” Schneier says.

It is possible the NSA didn’t know of the vulnerabilities, but Greenberg also reports that Schneier says if the NSA did find it, it’s likely that other nations knew about the vulnerability as well. Greenberg writes:

So when the NSA finds a so-called zero-day vulnerability—a previously unknown hackable flaw in software or hardware—Schneier argues that tendency for rediscovery needs to factor into whether the agency stealthily exploits the bug for espionage, or instead reports it to whatever party can fix it. Schneier argues bug collisions like Spectre and Meltdown mean they should err on the side of disclosure: According to rough estimates in the Harvard study he co-authored , as many as one third of all zero-days used in a given year may have first been discovered by the NSA.

“If I discover something lying dormant for 10 years, something made me discover it, and something more than randomly will make someone else discover it too,” Schneier says. “If the NSA discovered it, it’s likely some other intelligence agency likely discovered it, too—or at least more likely than random chance.”

Read more here.

Related Posts

  • NSA Scandal Grows
  • Where NSA gets its Dirt
  • VIDEO: How the NSA Spies on Americans
  • Author
  • Recent Posts
Richard C. Young
Richard C. Young is the editor of Young's World Money Forecast, and a contributing editor to both Richardcyoung.com and Youngresearch.com.
Latest posts by Richard C. Young (see all)
  • Insurrection Was the Furthest Thing from Trump’s Mind - January 15, 2021
  • An Alert for Warm Weather, Wine Loving Mavens. - January 15, 2021
  • We Support Censure of Flake, McCain and Ducey - January 14, 2021

Dick Young’s Must Reads

  • Progressive Liberalism Has Dragged America near Ruination
  • The Butterfly Effect and Chaotic Markets
  • Conflict Between Democratic Sovereignty and Transnational Progressivism (Globalism)
  • To Me There Isn’t a Better Way to Live
  • Escape From the City: You’re Going to Like What You See
  • VIDEO: Giuliani: BLM Is a Marxist Organization Planning to Destroy the Police
  • Boom—Your Life Changes
  • Work to Make Money/Invest to Save Money
  • 751 “No-Go” Zones in France
  • Hillsdale College: What College Is Meant to Be

Disclosure

RSS Youngresearch.com

  • The Fed is Sacrificing Retirees to Save the Banks
  • Jim Simons’s Renaissance Technologies vs. Internet Forum Traders
  • February RAGE Gauge: Americans Focusing on What’s In Front of Them
  • Biden Plans to Spend Trillions More on COVID-19 Stimulus
  • There’s Always a Way Forward for Americans Like YOU
  • Overtaken By Nvidia, Intel Fires Bob Swan
  • Do You Remember When NASDAQ Dropped by 82%?
  • Downcast Small Business Owners Prepare for a Difficult Four Years
  • Don’t Be on Their Radar, Get Out of Debt Now
  • Business Owners Must Reassess Relationship with Big-Tech

Insurrection Was the Furthest Thing from Trump’s Mind

Who Are Those Urging Violence?

Are $2,000 Checks Going to Rebuild NYC?

An Alert for Warm Weather, Wine Loving Mavens.

Key West’s Number One Restaurant: The Thirsty Mermaid

VIDEO: Henry U.S. Survival AR-7

Copyright © 2021 | Terms & Conditions | About Us | Dick Young | Archives