Dave Aitel and Matt Tait on How “Everything You Know About the Vulnerability Equities Process Is Wrong”
The Lawfare Podcast
The Lawfare Institute
4.7 • 6.4K Ratings
🗓️ 26 August 2016
⏱️ 49 minutes
🧾️ Download transcript
Summary
Dave Aitel and Matt Tait come on the podcast to discuss their recent Lawfare essay critiquing the current status of the Vulnerability Equities Process. They argue that the process by which the US government decides whether or not to disclose software vulnerabilities is fundamentally broken, and that now is the time to discuss how to fix it.
Support this show http://supporter.acast.com/lawfare.
Hosted on Acast. See acast.com/privacy for more information.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | The following podcast contains advertising to access an ad-free version of the LawFair |
| 0:07.2 | podcast become a material supporter of LawFair at patreon.com slash LawFair. |
| 0:14.7 | That's patreon.com slash LawFair. |
| 0:18.2 | Also, check out LawFair's other podcast offerings, rational security, chatter, LawFair |
| 0:25.6 | no bull and the aftermath. |
| 0:32.6 | Summer is finally here and so is the John Lewis sale with up to 50% of selected |
| 0:40.0 | products and thousands of offers across home, fashion, nursery and tech. |
| 0:45.4 | What better time to switch up your summer bedding, prepare your holiday wardrobe or get ready |
| 0:50.2 | to host Alfresco. |
| 0:57.2 | The John Lewis sale is now on. |
| 0:59.4 | Shop via our app online or in store. |
| 1:04.4 | We're now at this slightly odd position of everybody agrees that the vulnerability |
| 1:14.5 | of the security process is broken. |
| 1:21.5 | We now have a rare opportunity that everybody agrees that it is broken to actually collect |
| 1:26.8 | the data on it and then say, well, one of these sides has to be right. |
| 1:31.6 | So, we can get the intelligence community can provide data possibly in classified form |
| 1:38.2 | to say this is the number of zero day collisions that have actually occurred over 10 years |
| 1:44.8 | of collecting data. |
| 1:47.0 | In the event that the answer is, most of our zero days are colliding with foreign adversaries. |
| 1:52.2 | Then the EFF clearly wins and in the event that the answer is none of our zero days have |
| 1:57.2 | ever collided, then actually the intelligence community wins. |
| 2:00.3 | We need to recognise that this isn't necessarily the best way of doing defence. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from The Lawfare Institute, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of The Lawfare Institute and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.