Portfolio 2 - Criteria B

There are many trends and developments made that have been made in the recent years that help minimize the threat of zero-day attacks. One of these developments is simply called ‘zero-day protection’. This is simply the ability to protect against zero-day exploits. It entirely relies on knowing when a particular venerability is going to occur ahead of time, therefore creating signatures in case of any attempt to take advantage of the vulnerability.

In addition, buffer overflow is another development that has been created to limit the effectiveness of zero-day memory corruption risks. It is a programming error that has a few factors behind it, one of them being a possible breach in the security system. Latest operating systems have these zero-day protections built-in in them, such as Mac OS X, Microsoft Windows Vista, Linux, UNIX, and Sun Microsystems Solaris.

Adding onto that, the legitimate trade programs of zero-day code software encourages the talented hackers to use their skills to help detect dangers and improve security of loopholes instead of taking advantage of it.

On the contrary, these protections are not guaranteed. A worm good enough could manage to fit itself through a small time window between the discovery of vulnerability and the release of a new worm trying to take advantage of it.

Portfolio 2 - Criteria A

This portfolio addresses the issue of buying and selling zero-day (zero-hour) code software of loopholes in the black market. Zero-day code software is the missing ingredient that a talented hacker would need to actually steal the information that they have managed to breach into. This is simply because they only know how to get to the data, but understanding it isn’t their area of expertise. Hence, this makes zero-day code software a problem that involves business, since it is mainly used to steal information such as credit card and banking information. Referring to the article which quotes a hacker saying “online payment systems such as PayPal, which can provide users with more anonymity that bank transfers, have given the black market an enormous boost by providing sellers with an anonymous way to collect”.

Zero-day code, however, has a positive side to it. “The practice is so widespread it’s even spawned a legitimate market”, states the article. Some legitimate researchers register for programs, such as Zero Day Initiative, to sell their discoveries to security companies and software vendors eager to improve their services and products. Looking at the negatives, zero-day finally gives hackers that chance to get through the recently increased sophistications that have been made in firewalls and many other computer protection methods. Leading online fraud and theft to increase.

The act of theft and fraud is an ethical issues related to zero-day code software. And another ethical issue connected to zero-day code is obtaining software, music, movies etc. before their official release date by taking advantage of zero-day exploits and stealing the wanted files.  These ethical issues are significant due to their big negative effects on the both the business world and society.