WannaCry is famously based on EternalBlue leaked from the NSA. If you don’t follow the highest profile news in this space, you probably shouldn’t make very confident statements on this topic.
I think it’s actually you who is missing context here. We are talking about a single example
Of the NSA hitting innocent people on mass and you gave me an example of North Korea in response and are trying to say that because they used an exploit that was originally developed by the NSA that it’s somehow the same thing. It’s not, it’s not even close.
What would you have them do in this situation exactly? Do you want them to write a readme guide for North Koreans? Should they never write malware again? Should they send out signatures to AV companies.
Please explain to me what you think should be different.
One final comment from me on this topic to set the record straight, won’t respond further since I don’t sense a good faith discussion here. It rarely is when someone posts like a dozen comments on a single topic.
The thread went like this:
- Someone: Kaspersky is arguably the best at the job, was the only one capable of detecting NSA malware at one point.
- You: NSA never targets anyone they don’t want to target, and antivirus is useless if you are a target.
- Someone: NSA malware also gets leaked into the wild and end up infecting millions.
- You: A single example?
- Me: A single example (that was arguably digital security story of the year at the time).
- You, two comments later: what should NSA do?
They don’t need to do shit. Antivirus companies should up their game. In practice though, word on the street (probably backed up by leaked documents too but I’m not sure) is they — including the targeted software vendors, notably Google and Microsoft — often just greenlight their allies’ operations, and issue a low profile patch when it’s really bad.
But we are just back at the argument of what if I own a gun and keep it locked up but someone breaks my lock and uses it to shoot someone.
To me the only conversation to be had here is were there reasonable protections in place at the time and what is being done to prevent it happening in the future but just due to the fact that this is the NSA those conversations are not going to be public for obvious reasons.
> Unless you have a reason to believe that somewhere the NSA is having a meeting where your name is getting mentioned this isn’t actually something you need to worry about.
... unless the exploits leak (after use), which they do.
