Hacker News new | past | comments | ask | show | jobs | submit login

But can Apple outspend all NSOs? Including the various government-backed entities?



Government-backed entities can also make promises that Apple's money can't buy. Who knows what kind of back room deals are made that involve citizenship, safe passage, dropped criminal charges, etc.


Indeed.


Big governments aren't selling their espionage services, so they're arguably less important to handle. Moreover, there is likely duplication in exploits between these groups such that buying private sector exploits and patching them will likely take a few government exploits out with them.


I wouldn’t argue that. Plus, note that there are many NSOs, and stamping them all out gets harder as you shut more of them down because prices go up.


The prices go up for the NSOs as well. At the point the price exceeds their clients' willingness to pay, the prices stop going up.


The problem is time rather than money - there are a finite number of engineering hours in a year, the only way to increase that is to add more engineers, but adding more engineers very rapidly starts costing time rather than helping.


I think the strategy suggested here was “why doesn’t Apple just buy all of NSO’s exploits”, to which I responded that doing this for all threat actors is infeasible. I think you’re talking about actually solving the security issues, which is blocked by things that aren’t just money, I agree.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: