Linked by Thom Holwerda on Fri 11th Apr 2014 20:21 UTC
Privacy, Security, Encryption

The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.

The NSA's decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts.

I'm so surprised.

Update: NSA denies.

Permalink for comment 586971
To read all comments associated with this story, please click here.
RE: I don't think so...
by cdude on Sat 12th Apr 2014 10:08 UTC in reply to "I don't think so..."
Member since:

NSA even buys off security vulnerabilities from all kind of companies, uses those vulnerabilities and do NOT report them, keeping them open for anybody else. This is offical known, there are millions of dollar spend on that every year and never ever, not one single time, did they report any such security hole nor did they care if others are using it against e.g. US companies. This just isn't there mission, they are not into defense but into data-collection. And therr is no control how that happens.

What makes you think its all different this time with this vulnerability? Because NSA denies? Because the new General Alexander says so? Yeah, the least untruthful lie, thats what they gave to congress. But hey, its all different this time, it just must be!!1

p.s. see also - its not like we didn't expect it to happen. Its just that Obama picked the wrong choice and it has consequences. Expect more of them.

Edited 2014-04-12 10:19 UTC

Reply Parent Score: 2