Profile picture
, 7 tweets, 2 min read
My Authors
Read all threads
Facebook paid a third party firm to develop an 0-day exploit customized for Tails and then gave it to the FBI to target a cyber criminal operating on their platform. I've been thinking about this all morning and I think I support the action. 1/
vice.com/en_us/article/…
But this one is really thorny to be sure. A critical point is that Tails was removing the vulnerable feature in a not-yet-released version, so that limited the time the vuln could be used by the FBI. There's no question this monster was targeting children and had to be stopped 2/
If Facebook used an OPSEC mistake and turned that data over to the FBI, this would be a non-story. The only reason we care is that Facebook subsidized the exploitation of another platform. Critically, FB notes they wouldn't have introduced risk for all users to aid the FBI. 3/
I wonder from an ethical standpoint:
1. Does this make it easier for the gov to compel others to work with them on LE matters?
2. Facebook has the talent in-house to develop the exploit, but outsourced it. Does that give them ethical breathing room or was that for PR fallout? 4/
3. If the vulnerability were in a competitor's platform, does that change the ethical calculus?
4. If the software were widely used, would that change things?
5. If FB paid for a vuln in a SaaS platform rather than end-client software, would that cross a line? 5/
I'm not getting outraged about this. I'm not sure what I'd have done here, but recognize these are some heavy issues.

We need to have these discussions on what is and isn't right (ethically and legally) because otherwise the next FB will make their decisions without us. /FIN
Also, forgot to note that this is yet another awesome scoop from @lorenzofb and if you're not following him, you should be.
Missing some Tweet in this thread? You can try to force a refresh.

Keep Current with Jake Williams

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @MalwareJake see all

Profile picture
Jake Williams
@MalwareJake
24 hours later and I've heard lots of "leaders" say they want to start community review boards and the like. Review/advisory boards are not what's needed.

At a minimum, these are needed:
State level registries of officer violence/complaints
Citizen recertification boards 1/
Funds from abuse lawsuit awards come from pension or department discretionary funds
Residency requirements for at least the majority of the force
Body cameras worn by all and on at all times during interface with the public, video and audio
Review of current officer's records
2/
Should the registry of abuse be national? Sure, that would be better. But governors can't do that. They CAN each do it at the state level. They could even share that data...

What about body cameras? Yeah, not having privacy sucks. But lots of people give up privacy for a job. 3/
Read 6 tweets
Profile picture
Jake Williams
@MalwareJake
The open vs. closed debate really boils down to whether you think there's a vaccine or effective prophylactic coming in the next 12-18 months.

If a vaccine never comes and hospitals aren't overwhelmed and immunity is achieved post-infection, there's some first mover advantage 1/
Unfortunately, today this relies on unknowns. First, we don't understand the role of antibodies or the long term impacts yet (I think more is known about this than some are letting on, but...). If longer term immunity isn't a thing, herd immunity can't be reached. 2/
Then there's the question of long term impacts. If herd immunity means that 75%+ of the population loses a percentage of lung capacity or risks other serious complications, are we okay with that? I don't think we should be if we have a choice. 3/
Read 8 tweets
Profile picture
Jake Williams
@MalwareJake
I've been telling confidants for more than a month that I think US government has data we don't on COVID-19.

I've theorized that this is:
1. Reinfection data (Fauci is already walking back antibody significance)
2. Long term impacts (as yet fully unknown) 1/
I've heard from ER friends that they've been diagnosing asymptomatic COVID-19 cases through chest x-rays.

Think about this for a minute: people who don't know they're infected have such inflammation in their lungs that it's visible on an x-ray. That's horrific. 2/
For those who don't know, I'm a former paramedic. Not a doctor, but I've intubated and treated more than my fair share of patients in respiratory distress. In my ER rotations, I've seen more than a few chest x-rays and this is beyond concerning. 3/
Read 4 tweets

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!