A free Windows Vulnerability for the NSA

http://blog.ioactive.com/2012/01/free-windows-vulnerability-for-nsa.html?m=1

 

The NSA? I've read the article and I still don't understand how this makes sense. By their logic nearly every exploit to date could be used by the NSA.

Who exactly is ioactive, because I'm sure a 10 year old could write blog software that looked better than that. The layout and HTML looks like a website from the 90s.

 

I don't think it's actually related to the NSA, it's just a bit of a joke.

 

The author is Cesar Cerrudo, and I take the liberty to quote this page about his background:

http://www.blackhat.com/html/bh-us-10/bh-us-10-speaker_bios.html



Cesar Cerrudo is the founder and CEO of Argeniss (www.argeniss.com), a security consultancy firm based in Argentina. He is a security researcher and consultant specializing in application security. Regarded as a leading application security researcher, Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. Cesar has authored several white papers on database, application security, attacks and exploitation techniques and he has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest, WebSec. HITB, Microsoft BlueHat, EkoParty, etc. Cesar collaborates with and is regulary quoted in print and online publications including eWeek, ComputerWorld, and other leading journals.

The part about NSA

 

That's quite a nice history!

I guess, I don't see a mention of it anywhere else.

 

Why would they use it when they have Nasus