{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T07:03:23Z","timestamp":1763535803579,"version":"3.41.0"},"reference-count":17,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2020,12,17]],"date-time":"2020-12-17T00:00:00Z","timestamp":1608163200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2021,1]]},"abstract":"<jats:p>Are U.S. government employees behaving ethically when they stockpile software vulnerabilities?<\/jats:p>","DOI":"10.1145\/3393670","type":"journal-article","created":{"date-parts":[[2020,12,17]],"date-time":"2020-12-17T23:39:35Z","timestamp":1608248375000},"page":"97-103","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["The ethics of zero-day exploits---"],"prefix":"10.1145","volume":"64","author":[{"given":"Stephen B.","family":"Wicker","sequence":"first","affiliation":[{"name":"Cornell University, Ithaca, NY"}]}],"member":"320","published-online":{"date-parts":[[2020,12,17]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits","author":"Ablon L.","year":"2017","unstructured":"Ablon , L. and Bogart , A . Zero Days , Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits . The RAND Corporation , 2017 , Santa Monica, CA, USA. Ablon, L. and Bogart, A. Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits. The RAND Corporation, 2017, Santa Monica, CA, USA."},{"key":"e_1_2_1_2_1","volume-title":"Cyber-Attack: Europol says it was unprecedented in scale","author":"News","year":"2017","unstructured":"BBC News . Cyber-Attack: Europol says it was unprecedented in scale . May 13, 2017 ; http:\/\/www.bbc.com\/news\/world-europe-39907965. BBC News. Cyber-Attack: Europol says it was unprecedented in scale. May 13, 2017; http:\/\/www.bbc.com\/news\/world-europe-39907965."},{"key":"e_1_2_1_3_1","volume-title":"An Introduction to the Principles of Morals and Legislation","author":"Bentham J.","year":"1970","unstructured":"Bentham , J. An Introduction to the Principles of Morals and Legislation . London , 1789. Also in Collected Works. J.H. Burns and H. L. A. Hart, Eds. Clarendon Press , Oxford, U.K., 1970 . Bentham, J. An Introduction to the Principles of Morals and Legislation. London, 1789. Also in Collected Works. J.H. Burns and H. L. A. Hart, Eds. Clarendon Press, Oxford, U.K., 1970."},{"volume-title":"Proceedings of the 2012 ACM Conf. Computer and Communications Security, 833--844","author":"Bilge L.","key":"e_1_2_1_4_1","unstructured":"Bilge , L. and Dumitras . Y. Before we knew it: An empirical study of zero-day attacks in the real world . In Proceedings of the 2012 ACM Conf. Computer and Communications Security, 833--844 . Bilge, L. and Dumitras. Y. Before we knew it: An empirical study of zero-day attacks in the real world. In Proceedings of the 2012 ACM Conf. Computer and Communications Security, 833--844."},{"key":"e_1_2_1_5_1","volume-title":"May 12","author":"Brewster T.","year":"2017","unstructured":"Brewster , T. An NSA Cyber weapon might be behind a massive global ransomware outbreak. Forbes , May 12 , 2017 ; https:\/\/bit.ly\/3l3qwGu Brewster, T. An NSA Cyber weapon might be behind a massive global ransomware outbreak. Forbes, May 12, 2017; https:\/\/bit.ly\/3l3qwGu"},{"key":"e_1_2_1_6_1","volume-title":"Heartbleed: Understanding When We Disclose Cyber Vulnerabilities","author":"Daniel M.","year":"2014","unstructured":"Daniel , M. Heartbleed: Understanding When We Disclose Cyber Vulnerabilities . Whitehouse .gov blog, ( April 28, 2014 ). Daniel, M. Heartbleed: Understanding When We Disclose Cyber Vulnerabilities. Whitehouse.gov blog, (April 28, 2014)."},{"key":"e_1_2_1_7_1","volume-title":"May 26","author":"Islam A.","year":"2017","unstructured":"Islam , A. , Oppenheim , N. , Thomas , W. SMB exploited: WannaCry use of 'EternalBlue.' FireEye , May 26 , 2017 ; https:\/\/bit.ly\/3n3Z2m7 Islam, A., Oppenheim, N., Thomas, W. SMB exploited: WannaCry use of 'EternalBlue.' FireEye, May 26, 2017; https:\/\/bit.ly\/3n3Z2m7"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1093\/acprof:oso\/9780195189698.001.0001"},{"key":"e_1_2_1_9_1","volume-title":"The Defender's Dilemma: Charting a Course Toward Cybersecurity","author":"Libicki M.C.","year":"2015","unstructured":"Libicki , M.C. , Ablon , L. , Webb , T. The Defender's Dilemma: Charting a Course Toward Cybersecurity . The RAND Corporation , 2015 , Santa Monica, CA, USA. Libicki, M.C., Ablon, L., Webb, T. The Defender's Dilemma: Charting a Course Toward Cybersecurity. The RAND Corporation, 2015, Santa Monica, CA, USA."},{"key":"e_1_2_1_10_1","volume-title":"Code Complete: A Practical Handbook of Software Construction","author":"McConnell S.","year":"2004","unstructured":"McConnell , S. Code Complete: A Practical Handbook of Software Construction . Microsoft Press , Redmond, WA, USA , 2004 . McConnell, S. Code Complete: A Practical Handbook of Software Construction. Microsoft Press, Redmond, WA, USA, 2004."},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1900546.1900559"},{"key":"e_1_2_1_12_1","volume-title":"Washington Post, (June 14","author":"Nakashima E.","year":"2017","unstructured":"Nakashima , E. The NSA has linked the WannaCry computer worm to North Korea . Washington Post, (June 14 , 2017 ); https:\/\/wapo.st\/2SpSPmB Nakashima, E. The NSA has linked the WannaCry computer worm to North Korea. Washington Post, (June 14, 2017); https:\/\/wapo.st\/2SpSPmB"},{"key":"e_1_2_1_13_1","volume-title":"NSA's top talent is leaving because of low pay, slumping morale and unpopular reorganization. Washington Post (Jan. 2","author":"Nakashima E.","year":"2018","unstructured":"Nakashima , E. and Gregg , A . NSA's top talent is leaving because of low pay, slumping morale and unpopular reorganization. Washington Post (Jan. 2 , 2018 ); https:\/\/wapo.st\/30m9Xh9 Nakashima, E. and Gregg, A. NSA's top talent is leaving because of low pay, slumping morale and unpopular reorganization. Washington Post (Jan. 2, 2018); https:\/\/wapo.st\/30m9Xh9"},{"key":"e_1_2_1_14_1","volume-title":"ZDNet, (Sept. 14","author":"Ryan N.","year":"2010","unstructured":"Ryan , N. Stuxnet attackers used 4 Windows zero-day exploits . ZDNet, (Sept. 14 , 2010 ); http:\/\/www.zdnet.com\/article\/stuxnet-attackers-used-4-windows-zero-day-exploits\/ Ryan, N. Stuxnet attackers used 4 Windows zero-day exploits. ZDNet, (Sept. 14, 2010); http:\/\/www.zdnet.com\/article\/stuxnet-attackers-used-4-windows-zero-day-exploits\/"},{"key":"e_1_2_1_15_1","first-page":"21","article-title":"What's the Right Thing to Do? Farrar, Straus, and Giroux, New York","author":"Sandel M.","year":"2009","unstructured":"Sandel , M. Justice : What's the Right Thing to Do? Farrar, Straus, and Giroux, New York , NY , 2009 , 21 . Sandel, M. Justice: What's the Right Thing to Do? Farrar, Straus, and Giroux, New York, NY, 2009, 21.","journal-title":"NY"},{"key":"e_1_2_1_16_1","volume-title":"Government's Role in Vulnerability Disclosure: Creating a Permanent and Accountable Vulnerability Equities Process. Discussion Paper 2016-04","author":"Schwartz A.","year":"2016","unstructured":"Schwartz , A. and Knake , R . Government's Role in Vulnerability Disclosure: Creating a Permanent and Accountable Vulnerability Equities Process. Discussion Paper 2016-04 . Harvard University , Belfer Center , Cambridge, MA, USA, June 2016 . Schwartz, A. and Knake, R. Government's Role in Vulnerability Disclosure: Creating a Permanent and Accountable Vulnerability Equities Process. Discussion Paper 2016-04. Harvard University, Belfer Center, Cambridge, MA, USA, June 2016."},{"key":"e_1_2_1_17_1","volume-title":"Fuzzing: Brute Force Vulnerability Discovery","author":"Sutton M.","year":"2007","unstructured":"Sutton , M. , Greene , A. and Amini , P . Fuzzing: Brute Force Vulnerability Discovery . Addison-Wesley , Boston, MA , 2007 . Sutton, M., Greene, A. and Amini, P. Fuzzing: Brute Force Vulnerability Discovery. Addison-Wesley, Boston, MA, 2007."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3393670","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3393670","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:17Z","timestamp":1750200077000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3393670"}},"subtitle":["the NSA meets the trolley car"],"short-title":[],"issued":{"date-parts":[[2020,12,17]]},"references-count":17,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,1]]}},"alternative-id":["10.1145\/3393670"],"URL":"https:\/\/doi.org\/10.1145\/3393670","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"type":"print","value":"0001-0782"},{"type":"electronic","value":"1557-7317"}],"subject":[],"published":{"date-parts":[[2020,12,17]]},"assertion":[{"value":"2020-12-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}