"The company makes its coin by identifying zero-day flaws in computer systems and selling the knowledge to its client base. Customers include the US Department of Defense and DARPA,"
Sigh.
Vulnerability analysis outfit Exodus Intelligence has warned that the Tails operating system has a number of critical vulnerabilities that can expose the identity of its users if properly finessed by an attacker. Tails, which received a recommendation from fugitive whistleblower Edward Snowden, is a Debian Linux–based OS …
It's so bizarre that companies try to mislead. Chances are, like with most undiscovered security holes, the NSA /US/British Government have paid for them to keep quiet about it whilst they exploit it. That means TAILS has been exploited for God knows how long
Regardless, if they operate in the US they are subject to the Patriot Act anyway, which means whether they want to or not they have to give their findings to the State. And then everyone that nothing has happened. We all saw what happened when Lavabit tried to oppose it openly.
My conscience wouldn't let me work for a company like that, not even as a floor sweeper. These people are worse than the the organisations they sell the information to.
I have the same contempt for them as I have for blackmailers, who also make money out of other people's suffering - and that is a certainty with the snooping that will result.
Everything has flaws, especially code that's just hacked together. The question is, how bad are these flaws? Is the flaw something that we can expect to be exploited by a script kiddie, or is it something that leaks data that requires mathematical analysis for it to be informative?
If the Tails distro has bugs in it like fleas on a junkyard dog, I want to know! Not only do public alerts tell us what's going on, but it gives those of us who code a chance to fix problems.