This concept refers to a specific exploit / vulnerability that has been brought to the attention of the NSA that it decides to leave unpatched (or instructs the relevant vendor [i.e., Microsoft or Intel, for example, to leave unpatched]) in cases where the agency believes that they are the only ones with the knowledge, sophistication and resource to actually leverage a compromising attack against the software that utilizes the specific vulnerability / exploit that has been brought to their attention.
According to a statement from NSA Director Michael Hayden:
"You look at a vulnerability through a different lens if even with the vulnerability it requires substantial computational power or substantial other attributes and you have to make the judgment who else can do this? If there's a vulnerability here that weakens encryption but you still need four acres of Cray computers in the basement in order to work it you kind of think "NOBUS" and that's a vulnerability we are not ethically or legally compelled to try to patch – it's one that ethically and legally we could try to exploit in order to keep Americans safe from others."
This concept refers to a specific exploit / vulnerability that has been brought to the attention of the NSA that it decides to leave unpatched (or instructs the relevant vendor [i.e., Microsoft or Intel, for example, to leave unpatched]) in cases where the agency believes that they are the only ones with the knowledge, sophistication and resource to actually leverage a compromising attack against the software that utilizes the specific vulnerability / exploit that has been brought to their attention.
According to a statement from NSA Director Michael Hayden:
"You look at a vulnerability through a different lens if even with the vulnerability it requires substantial computational power or substantial other attributes and you have to make the judgment who else can do this? If there's a vulnerability here that weakens encryption but you still need four acres of Cray computers in the basement in order to work it you kind of think "NOBUS" and that's a vulnerability we are not ethically or legally compelled to try to patch – it's one that ethically and legally we could try to exploit in order to keep Americans safe from others."
BY LibreCryptography
Warning: Undefined variable $i in /var/www/tg-me/post.php on line 283
Telegram is riding high, adding tens of million of users this year. Now the bill is coming due.Telegram is one of the few significant social-media challengers to Facebook Inc., FB -1.90% on a trajectory toward one billion users active each month by the end of 2022, up from roughly 550 million today.
Telegram auto-delete message, expiring invites, and more
elegram is updating its messaging app with options for auto-deleting messages, expiring invite links, and new unlimited groups, the company shared in a blog post. Much like Signal, Telegram received a burst of new users in the confusion over WhatsApp’s privacy policy and now the company is adopting features that were already part of its competitors’ apps, features which offer more security and privacy. Auto-deleting messages were already possible in Telegram’s encrypted Secret Chats, but this new update for iOS and Android adds the option to make messages disappear in any kind of chat. Auto-delete can be enabled inside of chats, and set to delete either 24 hours or seven days after messages are sent. Auto-delete won’t remove every message though; if a message was sent before the feature was turned on, it’ll stick around. Telegram’s competitors have had similar features: WhatsApp introduced a feature in 2020 and Signal has had disappearing messages since at least 2016.
