#CyberFLASH: Hackers say the Canadian government doesn’t want their help

cybersecurity-casino-rama

The U.S. Department of Defence has turned to well-intentioned hackers and independent security researchers to help the government agency find software bugs and vulnerabilities in its computer systems.

But in Canada, the government appears to still have no formal policy or public guidelines, which makes it difficult for those who do find flaws to know what to do, or how the government might respond.

“There’s no formal process,” says Imran Ahmad, a partner at the law firm Miller Thomson who works with clients on cybersecurity related issues. In the absence of such a process, he says, those who find flaws “just don’t know how the government’s going to react, and they just want to protect themselves.”

“My advice to anyone who finds a flaw in a government website at this time would be to forget they ever saw it,” wrote web developer and security researcher Kevin McArthur in an email.

In the past, companies and governments often threatened security researchers and coders who found and published details about vulnerabilities in software with litigation, prompting the adoption of an informal process called “responsible disclosure.”

Read more here

Delacourt: A bigger problem than man vs. machine

OTTAWA—Somewhere out there, a new Canadian political movement could be born, with one main mission — smash the machines.

In case you haven’t noticed, some of the biggest impediments to democracy and free speech lately have been technology-related.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.