Recent actions by the U.K. and Germany set a new bar for how nations can and should use a vulnerabilities equities process.
Latest in Vulnerabilities Equities Reform
A new study published by the RAND Corporation suggests the VEP might be working fine, even if it produces little to no disclosure.
A response to the recent news of both the FBI's use of a vulnerability to hack into a Tor-protected child pornography site and the Rule 41 change.
The Lawfare Podcast: Dave Aitel and Matt Tait on How "Everything You Know About the Vulnerability Equities Process Is Wrong”
Dave Aitel and Matt Tait come on the podcast to discuss their recent Lawfare essay critiquing the current status of the Vulnerability Equities Process.
The vulnerability equities process (VEP) is broken. Because the VEP is a matter of Administration policy, the new administration should take the opportunity to devise a strategy that works.
The technology and investigative process around lawful hacking and vulnerabilities equities is not yet ripe for broad frameworks.
Recent scholarship on the Vulnerabilities Equities Process provokes interesting question about the ultimate goals of equities balancing reform and the best vehicle to accomplish those aims.