Article 1PNS9 NSA denies ‘Raiders of the Lost Ark' stockpile of security vulnerabilities

NSA denies ‘Raiders of the Lost Ark' stockpile of security vulnerabilities

by
Alex Hern in Las Vegas
from on (#1PNS9)

The agency's stockpile of unpatched, undisclosed vulnerabilities is a big concern to the security community, but research suggests it discloses more than it keeps

America's National Security Agency (NSA) spends upwards of $25m in a year buying previously undisclosed security vulnerabilities - known as zero days, because that's the length of time the target has had to fix them - but the large investment may not result in as much of a collection of hacking capabilities as is widely assumed.

Jason Healey, a senior research scholar at Columbia University and director at the Atlantic Council policy thinktank, argues that the true number of zero days stockpiled by the NSA is likely in the "dozens", and that the agency only adds to that amount by a very small amount each year. "Right now it looks like single digits," he says, adding that he has "high confidence in this assessment."

Continue reading...
External Content
Source RSS or Atom Feed
Feed Location http://www.theguardian.com/technology/rss
Feed Title
Feed Link http://www.theguardian.com/
Reply 0 comments