(C) Alec Muffett's DropSafe blog.
Author Name: Alec Muffett
This story was originally published on allecmuffett.com. [1]
License: CC-BY-SA 3.0.[2]


EU Post-Pegasus Report, drawing on EDRi paper (?) calls for regulation of vulnerability disclosure

2022-11-26 03:03:43+00:00

I don’t know who needs to hear this, but this (in the current report draft) is a very, very bad idea.

https://www.europarl.europa.eu/doceo/document/PEGA-PR-738492_EN.pdf

> Sophie in ‘t Veld

Vulnerabilities



151. Without vulnerabilities in software, it would be impossible to install and deploy spyware. Therefore, in order to regulate the use of spyware, the discovery, sharing and exploitation of vulnerabilities have to be regulated as well [290]. Despite the strengthening of the defence of digital systems required and encouraged by the NIS2 Directive and the proposal for the Cyber Resilience Act, it is nearly impossible to develop systems without vulnerabilities.



…



290 Ot van Daalen, intervention in PEGA 27 October 2022; EDRi Paper: Breaking encryption will doom our freedoms and rights

https://edri.org/wp-content/uploads/2022/10/EDRi-Position-Paper-Encryption.pdf

https://www.enisa.europa.eu/news/enisa-news/coordinated-vulnerability-disclosure-policies-in-the-eu
[END]

[1] URL: https://alecmuffett.com/article/16445
[2] URL: https://creativecommons.org/licenses/by-sa/3.0/

DropSafe Blog via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/alecmuffett/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.