Fun fact: It's impossible for the NSA/CIA to classify their actual malware and exploits, since releasing classified materials (e.g. deploy a virus) is strictly forbidden. The only way of concealment is obfuscation.

Also, the secret service cannot claim copyright under the Constitution, since they are official works by the government.

Thus, the U.S. secret service is one of the largest contributor of infosec-related public-domain free software to the rest of the world, directly funded by the taxpayers.


有趣的事实:美国 NSA 或者 CIA 这样的情报机构虽然一直在秘密开发各种网络攻击技术,但是他们并无法将实际开发出来的恶意软件、漏洞利用程序这类需要实际部署的东西列为国家机密。否则,对受害者植入病毒就属于故意泄漏国家机密,相关负责人会收到严惩,恶意软件只能靠控制流通与混淆来保护;同时,美国情报机构也无法对这些东西主张版权,因为根据《美国宪法》,联邦政府职员在履行公职期间创作的一切作品都属于公有领域。

换句话说,从技术层面上讲,维基解密泄漏的「Vault 7」中大部分实际内容甚至都不属于机密信息;如果你在网上拿到了一个样本,你可以在包括美国在内的任何国家完全合法的对这些样本进行研发,甚至是二次开发之后拿去销售。因此,我们得到了这样的结论:从法律意义上讲,美国情报机构是世界上最大的信息安全相关公有领域自由软件的贡献者,而且是直接由美国纳税人出资,为全世界服务。

@niconiconi how about setting up a Israeli company as contractor

Sign in to participate in the conversation

Cybrespace is an instance of Mastodon, a social network based on open web protocols and free, open-source software. It is decentralized like e-mail.