During the iPhone unlocking debate pertaining to the San Bernadino shooter, critics wanted Apple to create a version of iOS for the government to use, under the promise that it would never escape their safe hands and get into the wild.
Apple, of course, vehemently argued against that. Thank goodness Apple did not submit to that. Last week’s WannaCry ransomeware was vindication that Apple did the right thing. The hack used by the perpetrators–who apparently has ties to North Korea–was part of stolen NSA espionage tools that made its way online last last year.
From the Washington Post:
The hack renewed a long-running debate about the dangers of intelligence agencies such as the NSA collecting and using software flaws for espionage, rather than quickly alerting companies to vulnerabilities so they can fix them.
In this case, the NSA found a flaw in Microsoft software that made the hack possible. The agency reported the flaw to the company after a security breach was discovered in August, according to former U.S. officials speaking on the condition of anonymity because of the sensitivity of the topic.
Microsoft fixed the problem in a patch it released in March, before a group calling itself the “Shadow Brokers” publicly released it online in April.
But system administrators appear to have applied the patch inconsistently, leaving some computers vulnerable. The vulnerability gave the hackers what amounted to a lock pick to the Microsoft software on computers that did not receive the update from the company or that used outdated operating systems.