NSA denies ‘Raiders of the Lost Ark' stockpile of security vulnerabilities

Alex Hern in Las Vegas

from Technology | The Guardian on 2016-08-06 10:00 (#1PNS9)

The agency's stockpile of unpatched, undisclosed vulnerabilities is a big concern to the security community, but research suggests it discloses more than it keeps

America's National Security Agency (NSA) spends upwards of $25m in a year buying previously undisclosed security vulnerabilities - known as zero days, because that's the length of time the target has had to fix them - but the large investment may not result in as much of a collection of hacking capabilities as is widely assumed.

Jason Healey, a senior research scholar at Columbia University and director at the Atlantic Council policy thinktank, argues that the true number of zero days stockpiled by the NSA is likely in the "dozens", and that the agency only adds to that amount by a very small amount each year. "Right now it looks like single digits," he says, adding that he has "high confidence in this assessment."

Source	RSS or Atom Feed
Feed Location	http://www.theguardian.com/technology/rss
Feed Title	Technology \| The Guardian
Feed Link	https://www.theguardian.com/us/technology
Feed Copyright	Guardian News and Media Limited or its affiliated companies. All rights reserved. 2024