...here's one result:
http://www.techdirt.com/articles/20130614/02110223467/microsoft-said-to-give-zero-day-exploits-to-us-government-before-it-patches-them.shtml
Bloomberg came out with quite a bombshell last night, discussing how lots of tech companies apparently work with the NSA and other government agencies, not to pass data on users over to the government, but to share exploit information, sometimes before it's public or patched -- in some cases so it can be useful for the US government to use proactively. Last month, we had written about how the feds were certainly collecting hacks and vulnerabilities for offensive purposes, but it wasn't clear at the time that some of these exploits were coming directly from the companies themselves.
The report names one major participant: Microsoft:
Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.
Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.
= new reply since forum marked as read
