The NSA denies that the agency knew about the bug – and they expect us to believe them.
Bloomberg has the story:
The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.
The agency’s reported decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts. The NSA, after declining to comment on the report, subsequently denied that it was aware of Heartbleed until the vulnerability was made public by a private security report earlier this month.
Tech tips here:
- Mashable: The Heartbleed Hit List: The Passwords You Need to Change Right Now
- Heartbleed.com has comprehensive technical information
Tags: NSA