A Response to “The Tech”: Continuing the Vulnerability Equities Process Debate

1.0Just Securityhttps://www.justsecurity.orgA Response to “The Tech”: Continuing the Vulnerability Equities Process Debate - Just Securityrich600338<blockquote class="wp-embedded-content" data-secret="d8ybO1nX5l"><a href="https://www.justsecurity.org/32883/response-the-tech-continuing-vulnerability-equities-process-debate/">A Response to “The Tech”: Continuing the Vulnerability Equities Process Debate</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.justsecurity.org/32883/response-the-tech-continuing-vulnerability-equities-process-debate/embed/#?secret=d8ybO1nX5l" width="600" height="338" title="“A Response to “The Tech”: Continuing the Vulnerability Equities Process Debate” — Just Security" data-secret="d8ybO1nX5l" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); /* ]]> */ </script> In my recent Just Security piece, I argued that Aitel and Tait’s suggestions in Lawfare to focus the Vulnerability Equities Process (VEP) more narrowly on strategic intelligence concerns would neuter other important purposes the VEP serves. Aitel and Tait disagreed with me on Twitter and in a post Aitel independently authored. As I stated in […]https://i0.wp.com/www.justsecurity.org/wp-content/uploads/2017/12/blue-logo.png?fit=178%2C60&ssl=117860