Those agencies warning us of global warming and saturated fats act as if they have such a duty to warn, although there doesn't seem to be any penalty for failure.
Anecdotally, the movies are rife with scenes in which a law enforcement officer warns a mobster under surveillance that there's a contract out on him. Does that really happen? Don't know.
But how about malware vulnerabilities on someone's computer which the government knows about? It could be subverted by the agency into a spy tool. Or they could warn the individual or company of the danger. Apparently, that's an ethical dilemma they are trying to navigate.
This is brought to our attention in The Zero-Day Dilemma: Should Government Disclose Company Cyber Security Gaps?.
In that article Levi Maxey provides both sides of the issue. On one hand, the possibility that the vulnerability is discovered by someone inclined to misuse it isn't that great. On the other hand, an agency with knowledge about it may itself be vulnerable to Snowden like spies. But they have no duty to disclose it to the vulnerable entity.
It's a jungle out there on the net. The best advice is to keep operating systems and software, especially antivirus software, updated.
Comments