[Spooky23]

I think that's an absurd position. The government has a need to be able to access hostile systems. A hacked computer can avoid armed conflict where people die.

A better question is... why aren't major vendors devoting a fraction of the resources to find this stuff and fix t on their own?

[andai]

They're being paid by the spooks!

On a serious note, doesn't cyberwarfare sound more like it could lead to nasty consequences, such as regular warfare, rather than preventing it?

[Spooky23]

As nuclear proliferation becomes more and more common, "regular warfare" is going to become impossible.

The reality is that there isn't going to be a traditional war with any nuclear power. WW2 was the last big state on state conflict -- that cannot happen again. Since 1948, the US vs. USSR model has applied, where nuclear powers have proxy wars at the fringes with various minor states.

As nukes become available to 2nd/3rd tier states, you need lower impact fighting methods to avoid setting off a nuclear chain reaction. "Cyber warfare", IMO, is a tool in the toolbox. Instead of proxy states, we fight with proxy corporations.

[LyndsySimon]

> WW2 was the last big state on state conflict -- that cannot happen again.

Respectfully, the belief that large-scale war was impossible between modern states was prevalent prior to the First World War.

I strongly believe that there will eventually be another large conflict, and that the only reason there hasn't been one to date is because we've managed to maintain the balance between Russian and American interests throughout the Cold War.

The collapse of the Soviet Union marked the beginning of a transitional state, and we've not reached a stable balance of power since.

[Spooky23]

Perhaps "cannot" was the wrong word choice. "must not" may be more appropriate.

I share your fears and find it terrifying, as that large scale war with the technology that we have today is a profoundly more damaging thing.

[tgragnato]

Ok, but the current trend seems to suggest a strong preference for SIGINT, ELINT, ... over traditional HUMINT.

Isn't this overestimating only a peculiar aspect ?

[Spooky23]

I think what we're seeing is that "SIGWAR" is a thing. Why blow up something if you can undermine it?

If you think about it, it's similar to how the physical world evolved. I was recently up at Fort Ticonderoga, which is an example of a fort designed to resist and leverage the cannon as a defensive weapon. In Europe forts of similar design were nearly impregnable, but ultimately obsolete -- mobility and artillery rendered fixed positions useless. There's a similar thing at play here!

[tgragnato]

I am not skeptical about this concept in particular, but about the lack of practical confirmation for the results of their tools.

This is perceived (at a later stage & by the public opinion) when many in the government itself publicly question the trustworthiness of the information given.

When you're blacked out by an immense quantity of basically useless infos, you're spending money and resources in an ineffective manner.

Is all this enough to target what has to be targeted, so that you have a real balance between your effort and your results?

I don't think so, a quick look to their budget is enough for me to disagree.

[MaxfordAndSons]

> why aren't major vendors devoting a fraction of the resources to find this stuff and fix it on their own?

I'm pretty sure most of the competent ones are... it's just really slow, expensive, hard work, with little financial upside (beyond preventing the financial downside of disastrous long-tail exploits). Spending ever more on it probably isn't an easy sell to business people with normal (read: bad) human probabilistic intuitions. And a lot of the people best at it probably just choose to work for themselves because they can auction their work to IC or criminal collectors for much more than they'd get from a fixed rate bug bounty.

[tmaly]

Or Why don't we have like a "Open BSD" equivalent on the Android Platform?

[chinathrow]

> A hacked computer can avoid armed conflict where people die.

Yet we see armed conflicts with CIA origins within plenty of history books...