When significant functionality and backwards compatibility are required and money is limited, I'll happily work for red team; when brick is a valid solution, I will happily work for blue team.
The US carefully developed its cyber security plan during the word press macro era. Let's send the FBI to foreign countries in the hopes of arresting teenagers who learned how to cut and paste, genius.
Unfortunately, it forgets how to do this if the country is Israel instead of the Philippines.
Is there some solution in that to making sure 100% of possible red team members are more aligned with the profit interests of the US' strategic private companies than the US strategic partners in running illegal conspiracies?
I'm baffled as to what utopia of a profession has global tool collaboration and consequences, but somehow manages to deal with 230 groups of nationalists, thousands of sects, and embargoes on any one group paying people across all of these to provide a regulatory framework for safe and human-benefiting tools in their category with no edge cases. If such a regulatory framework existed maybe it would shut down these mobile phone companies over behavioral harm?
Personal responsibility is where this starts. Not with the US, not with Israel or the Philippines. It starts with us, the technical people that do these things.
That makes no sense. A whole bunch of Americans won't do anything in this area because the US legal system is whimsical. But some nationalist professor was going to agree to make Stuxnet, and maybe they were right, we certainly aren't going to all get to reach them to debate. So what is achieved?
Would Apple being totally incompetent at security and fighting exploits from NK prison labor, eventually with about the same fail rate, be a better world?
Export control on thoughts didn't work, so total disarmament on thoughts won't work. Prioritize security, cut out some of the entertainment and useless features through regulation because brain candy always wins in an unregulated market.
I'm not in the US. I don't work for Apple. And yet I can guarantee you that my work - assuming I'd be that capable in the first place - is used to reduce the security of various platforms through 'research' that leads to the existence of more zero days. You won't find me on anybody's red team.
So personal responsibility is where it starts and there isn't a fig leaf large enough that would allow you to pretend otherwise.
While I believe selling zero days to NSO group is significantly worse than working for Google or building surveillance capitalism software - we are mercenaries. Like 60% of software work is vehemently anti-middle class. Almost all of us have either contributed to some spying apparatus (analytics platforms), built some automation that replaced several humans, or developed something that contributed to the environmental destruction of our planet.
Let's be clear though, I'm not saying tech is bad. We'd all be doing manual labor on a farm without it. I do think our demographic (including myself) has completely set aside any consideration for our impact in the name of optimization or a fat paycheck.