https://en.wikipedia.org/wiki/Inslaw#Inslaw_Affair_divides_into_two_separate_issues
Clearly you should make a request for the source code for the the Promis software as used by the FBI. It's public domain. On Thu, Dec 10, 2015 at 3:54 AM, coderman <[email protected]> wrote: > On 12/9/15, coderman <[email protected]> wrote: > > a most recent Glomar: > > > > "Disclosure timeline and decision making rationale for disclosure of > > vulnerability MS14-066 / CVE-2014-6321 - "Vulnerability in Schannel > > Could Allow Remote Code Execution (2992611)" to Microsoft Corporation > > as part of the Vulnerabilities Equities Process. Please include > > timeline for initial discovery with source of discovery, first > > operational use, and finally, date for vendor notification." > > - > > > https://www.muckrock.com/foi/united-states-of-america-10/discloseddisgustagency-22289/ > > > > "The request has been rejected, with the agency stating that it can > > neither confirm nor deny the existence of the requested documents." > > - > > > https://www.muckrock.com/foi/united-states-of-america-10/discloseddisgustagency-22289/#comm-209022 > > > reply(appeal): > ''' > I reject and demand appeal of your rejection of this request. > > First and foremost, please recognize that the GSF Explorer, formerly > USNS Hughes Glomar Explorer (T-AG-193), for which this Glomar response > is so named, was a purely military operation, using custom-built > military equipment, on an exceptionally sensitive military mission to > recover military equipment. Observe that the "Vulnerabilities Equities > Process" is a public outreach activity communicating with third party > partners, acting in the public interest regarding software used by > public citizens and business alike - a scenario at opposite ends and > means from which this denial blindly overreaches. > > Second, observe that existing precedent supports the release of > materials responsive to this request. In American Civil Liberties > Union v. Department of Defense Case No: 04-CV-4151 (ACLU v. DoD) the > courts have affirmed the public interest as compelling argument for > favoring the public interest against clearly military efforts. The > Glomar denial should be well targeted; this targeted falls well > outside of the the "Vulnerabilities Equities Process", which is a > public outreach activity communicating with third party partners, > acting in the public interest, regarding software used by public > citizens and business alike. > > Third, consider that it is a well established technique in the > information security industry to identify the origin and nature of a > defect discovery and disclosure timeline. This information is used for > myriad of secondary research, analysis, and automation efforts > spanning numerous industries. The utility of of disclosure timeline > information and context has decades of rich support and strong > evidence of public interest benefit, particularly regarding long > reported and fixed defects, such as this one, which has patches > available for over a year. > > Fourth, observe that every hour of expert opinion coupled with legal > review amounts to a non-trivial expenditure of hours which are a sunk, > throw away cost of FOIA communication. While as a taxpayer I > appreciate the service of FOIA professionals such as those involved in > this request, who provide tireless effort the all hundreds of millions > of US citizens, my personal cost should be recognized. For this reason > a deference in favor of public interest and disclosure is well > supported for this request regarding the "Vulnerabilities Equities > Process", which is a public outreach activity communicating with third > party partners, acting in the public interest, regarding software used > by public citizens and business alike. > > Thank you for your time, and best regards, > ''' > - > https://www.muckrock.com/foi/united-states-of-america-10/discloseddisgustagency-22289/#comm-209748 > >
