Government Stonewalls Law Requiring
Disclosure of Software Flaws
Ping!
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
Posted on 05/18/2016 8:06:16 PM PDT by Elderberry
A federal judge has rejected Mozilla Corp's request to force the U.S. government to disclose a vulnerability related to its Firefox web browser that the company says was exploited by the FBI to investigate users of a large child pornography website.
U.S. District Judge Robert Bryan in Tacoma, Washington, on Monday rejected Mozilla's bid to intervene in a case against a school administrator charged in the investigation, Jay Michaud.
Bryan had previously ordered prosecutors to disclose to Michaud's lawyers a flaw in a browser used to view websites including the child porn one on the anonymous Tor network that is partly based on the code for Mozilla's Firefox browser. ADVERTISING inRead invented by Teads
Mozilla, seeking to fix the flaw, moved to intervene, asking Bryan to force the government to disclose to Mozilla the vulnerability before revealing it to Michaud.
After the Justice Department asked Bryan to reconsider, citing national security, he said on Thursday prosecutors did not need to make the disclosure to Michaud.
Bryan on Monday said that made Mozilla's request moot, adding it "appears that Mozilla's concerns should be addressed to the United States."
Mozilla in a statement said it would argue to the government "that the safest thing to do for user security is to disclose the vulnerability and allow it to be fixed."
A Justice Department spokesman declined comment. Colin Fieman, Michaud's lawyer, said he would seek the indictment's dismissal due to prosecutors electing against disclosure.
Michaud is one of 137 people facing U.S. charges after the FBI in February 2015 seized the server for Playpen, a child porn website on the Tor network, which allows anonymous online communication.
To identify its 214,898 members, authorities sought a search warrant from a Virginia judge allowing them to deploy a "network investigative technique."
(Excerpt) Read more at reuters.com ...
Maybe it is sad to say this, but the only concept in this article that I grasp is “child porn”, everything else is pretty much Greek to me....or should I say “Geek to me”.
I sided with Apple in the encryption fight. But this is idiotic. The government found a backdoor in their system and Mozilla wants the government to be FORCED to explain how they did it?
Remember, this is the same company that fired that CEO because they found out he had privately donated to an anti-gay marriage organization.
Offer higher payment for zero-days. Finding them requires a lot of work by very highly skilled people. Highly skilled workers expect to be well paid. Their compensation should come from Mozilla, as a necessary cost of improving their code. It should not come from American taxpayers who paid NSA employees or Zerodium or someone else to develop this exploit.
Why is it idiotic? The feds admit they used a flaw they found in the browser. Mozilla wants to know what it is, so they can fix it before someone else finds it and uses it for nefarious ends.
The only reason the feds don't want to reveal it is to preserve it for their own use. In other words, they want everyone to remain vulnerable.
It's like leaving a window unlocked in your house, so the cops can come in at some point in the future, if you happen to be accused of something. Or, if they are just curious... There are plenty of examples where they didn't bother to ask a judge for a warrant.
By not telling you what window is unlocked, all you can do is hope that someone else doesn't discover it.
This window analogy presumes that you can't figure out what window you left unlocked, for whatever reason. That requires some suspension of disbelief.
Article from last that I thought deserved a tech ping!
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
The bottom line really has nothing whatsoever with 'child porn'. They already have the creeps in question under indictment. The government is willing to leave all of us vulnerable to whatever hack they found, because they don't give a damn about you or I or the safety and integrity of the infrastructure that has become a part of our commerce and daily lives. Mozilla shouldn't even have to ask for the information. The government should have provided the info already.
Thanks to rarestia for the ping!!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.