U.S. Navy Caught Trying To Buy Zero-Day Security Flaws To Exploit Popular Software

Posted: June 16, 2015 in Tech

The Electronic Frontier Foundation (EFF) has spotted the US Navy publicly soliciting people to sell security vulnerabilities to well-known software, so that the US government can build backdoors into the software.

On a page posted to government agency contracting website FedBizOpps, which was deleted shortly after being highlighted by the EFF, the US Navy said the US government needs “to have access to vulnerability intelligence, exploit reports and operational exploit binaries affecting widely used and relied upon commercial software”.

Specifically, the security flaws had to be either Zero-Days or N-Days, meaning flaws that were less than six months old, and therefore less likely to have been fixed.

The post, preserved by the EFF, specifically mentions the US Navy wants security vulnerabilities relating to software belonging to Microsoft, Adobe, Android, IBM, Apple, EMC, Cisco, Linksys, Linux, EMC and Java.

These large tech firms all produce software that controls everything from mobile devices, desktop publishing and secure telecommunications to computer-aided design, website programming and cloud storage.

Full Story @ [IBTimes]

Advertisements
Comments
  1. […] develops and sells vulnerability and exploit information. And last month the U.S. Navy published a solicitation for zero days in a variety of popular […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s