[–] boodm 9y ago ↗ What stops the NSA from buying the tools? [–] lern_too_spel 9y ago ↗ These tools are years old. They can just report these vulnerabilities to the vendors and use their new exploits. [–] jlgaddis 9y ago ↗ Nothing?We don't know that they didn't buy (some of) these particular exploits (in the recent "dump") and, in fact, it's very likely that they do buy exploits. I imagine that CNE of high-value targets is an area where they could "never have enough".
[–] lern_too_spel 9y ago ↗ These tools are years old. They can just report these vulnerabilities to the vendors and use their new exploits.
[–] jlgaddis 9y ago ↗ Nothing?We don't know that they didn't buy (some of) these particular exploits (in the recent "dump") and, in fact, it's very likely that they do buy exploits. I imagine that CNE of high-value targets is an area where they could "never have enough".
[–] jlgaddis 9y ago ↗ From the linked "FOXACID SOP for Operational Management of FOXACID Infrastructure" document:> What can cause [FOXACID] exploitation failure?> JavaScript turned off> ...> Browser has extensions loaded. This causes certain exploits to fail.
4 comments
[ 2.1 ms ] story [ 23.4 ms ] threadWe don't know that they didn't buy (some of) these particular exploits (in the recent "dump") and, in fact, it's very likely that they do buy exploits. I imagine that CNE of high-value targets is an area where they could "never have enough".
> What can cause [FOXACID] exploitation failure?
> JavaScript turned off
> ...
> Browser has extensions loaded. This causes certain exploits to fail.