Bugs in the System: Mapping the Vulns Market


Kevin Bankston

New America's Open Technology Insitute

Katie Moussouris

Luta Security

Ari Schwartz

Venable LLP

Apple's legal fight with the FBI over iPhone encryption--and the FBI's highly-publicized purchase of a hacking tool to defeat that encryption--put a new spotlight on the shadowy market for software vulnerabilities. Who discovers, buys, and sells these "vulns" and the hacking tools that rely on them? When should the government disclose the vulns it buys or discovers, and how can software companies convince bug-hunters to disclose vulns so they can be fixed, rather than selling them to criminals or governments? Experts with expertise ranging from Silicon Valley to the White House to the hacker community will debate and discuss the latest developments around these controversial questions.

Primary Entry: Platinum Badge, Interactive Badge
Secondary Entry: Music Badge, Film Badge
Format: Panel
Event Type: Session
Track: Government
Level: Beginner