You think that often you’re simply getting the best security protection on your PC, by getting some security software and keeping your patches up to date. However, as reported on Boing Boing, security companies may be researching so-called “zero day” exploits and selling them to governments and companies that use them to install spyware.
Frankly this is just depressing. This means that if you’re sitting in Milwaukee, your PC is vulnerable because it’s profitable to sell a Windows exploit to Russian intelligence. Though this creates a severe drag on the Internet in general, as more botnets and virus boxes are chomping up useful resources. The example cited in Boing Boing’s post is a company called VUPEN, which claims to have exploits for every major browser.
Though they say they’re only selling these to NATO governments and partners. The bounties for the exploits are in the hundreds of thousands, so even big American companies like Northrop Grumman and Raytheon are in the game. This is essentially an electronic version of total warfare. Civilian casualties are almost certain, and you can bet that all these “armaments” aren’t necessarily being kept out of the hands of criminals either. So that means more Credit Card and identity fraud.
Though the EFF, which did the research as part of their lobbying efforts in Cyber Security, says that the government needs to lock down on this type of trade; you can bet that the NSA and CIA are knee deep in this trade with everyone else. Sadly there isn’t anyway to guarantee you aren’t being infected with these types of exploits. This one comes down to staying on sites you know, and don’t try and get something for nothing.