DEV Community

Discussion on: Microsoft is absolutely at fault for WannaCry

 
bbirdiman profile image
bowerbird

so you disagree with this article's point. that's fine.

but the government knew about this vulnerability.

so, what you believe is that the government knows more about microsoft's code than microsoft itself, more than the programmers who wrote that code.

and you believe the government explicitly decided not to inform microsoft about its code's deficiency.

who knows? you might be right. i certainly don't know.

but you don't have any more "proof" for your position than i have for mine, and it's disingenuous to imply so.

i think it's far more likely that both the government and microsoft knew about this hole in the fence, and rather than patch it, they decided to monitor it closely instead, to catch any bad guys who might try to slip through it... (and yes, use it themselves, also to catch the bad guys.)

of course, once the hole was widely known to the public, and thus garden-variety criminals, they had to patch it.

but up until that time, it was more useful as a honeypot.

and once you see a "vulnerability" can be used this way, it doesn't take a whole lot of imagination to propose that you introduce a few of them, or a few dozen, as tools...

but, of course, you'd have to be very careful to not leave any "proof" that you'd done that. and you would have to publicly disavow such efforts, and have plausible deniability. maybe even have a law that you are not allowed to admit it. you could call it a "national security letter", or some such.

and now i doff my tin-foil hat to all of you, and exit...

but again, please believe whatever you need to believe.

-bowerbird