NSA denies exploiting Heartbleed security flaw

[highlight]The report said the secretive intelligence agency has more than 1,000 experts devoted to ferreting out these kinds of flaws[/highlight] and found the Heartbleed glitch shortly after its introduction.

The agency then made it part of its “toolkit for stealing account passwords and other common tasks,” the report said.

The flat-out denial from the NSA and The White House of any prior Heartbleed knowledge and exploitation, is to be expected, and they would only be saying different if a whistle-blower could prove that they had exploited Heartbleed.

It's inconceivable that the NSA has not studied all versions of OpenSSL from every angle to find vulnerabilities, the NSA had to have known about Heartbleed and must surely have exploited it.

I'm more concerned about the Black Hats out there that probably also knew about the Heartbleed vulnerability and exploited it for criminal activities.

The history surrounding how this vulnerability was introduced (it wasn't in older versions of OpenSSL) needs some serious investigation.

I doubt that Heartbleed is a bug and I suspect that it was most likely deliberately introduced.
 
The flat-out denial from the NSA and The White House of any prior Heartbleed knowledge and exploitation, is to be expected, and they would only be saying different if a whistle-blower could prove that they had exploited Heartbleed.

It's inconceivable that the NSA has not studied all versions of OpenSSL from every angle to find vulnerabilities, the NSA had to have known about Heartbleed and must surely have exploited it.

I'm more concerned about the Black Hats out there that probably also knew about the Heartbleed vulnerability and exploited it for criminal activities.

The history surrounding how this vulnerability was introduced (it wasn't in older versions of OpenSSL) needs some serious investigation.

I doubt that Heartbleed is a bug and I suspect that it was most likely deliberately introduced.

You are basically describing the role of intelligence in all functional government.
 
You are basically describing the role of intelligence in all functional government.

:confused:

Are you implying that SA's State Security Agency and dysfunctional government are too busy spying on SABC reporters to have studied OpenSSL and made use of Heartbleed?
 
:confused:

Are you implying that SA's State Security Agency and dysfunctional government are too busy spying on SABC reporters to have studied OpenSSL and made use of Heartbleed?

:wtf: My words are what I said, your implications are your own.
 

That was also my reaction to your previous post which seemed to have nothing to do with about 50%+ of my original post that you quoted in its entirety.

I didn't disagree with your previous post: the role, motives and behaviours of intelligence agencies is common knowledge.
 
That was also my reaction to your previous post which seemed to have nothing to do with about 50%+ of my original post that you quoted in its entirety.

I didn't disagree with your previous post: the role, motives and behaviours of intelligence agencies is common knowledge.

:wtf:
 
Top
Sign up to the MyBroadband newsletter