NSA denies reports it exploited 'Heartbleed' to spy on consumers
Source: LATIMES
The National Security Agency denied a report that it has exploited the "Heartbleed" bug to spy on consumers for the past two years.
"NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private sector cybersecurity report," the agency said in a statement. "Reports that say otherwise are wrong. Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before April 2014 are wrong."
The statement came in response to a story by Bloomberg on Friday that claimed the NSA had known about the vulnerability in OpenSSL since it was first introduced two years ago.
OpenSSL is the open-source encryption software that 66% of all servers on the Internet use to provide additional security. Late last week, security researchers discovered a flaw that would allow hackers using a simple piece of software to easily access user IDs and passwords.
Read more: http://www.latimes.com/business/technology/la-fi-tn-report-nsa-denies-heartbleed-bug-spy-consumers-20140411,0,5235051.story
Wow, that was fast, denial ...is not just a river in the middle east ../b]
hobbit709
(41,694 posts)RiverNoord
(1,150 posts)is virtually solid proof that they're doing whatever it is that they are denying...
ucrdem
(15,512 posts)That's been sorely lacking in this endless melodrama.
fbc
(1,668 posts)Of what use is any public statement from the NSA?
frylock
(34,825 posts)grasswire
(50,130 posts)joshcryer
(62,269 posts)Only explanation as to how they got FB chats.
marions ghost
(19,841 posts)coming from this rogue government agency?
They are obviously NOT working in our interests whatsoever.
Jesus Malverde
(10,274 posts)You have to parse their language carefully, They could have said "the vulnerability", but instead chose to narrow it down to "recently identified" it's likely they have their own slightly different exploit.
Newsjock
(11,733 posts)One that we haven't been told about yet.
Thank you, NSA, for keeping me and my family safe. You are true American patriots! Are we off? Good ... well, that oughta hold the little bastards.
pragmatic_dem
(410 posts)I predict more lying to Congress who will roll over and kiss NSA's ass begging them not to leak all the shit they've collected on the skunks.
ucrdem
(15,512 posts)No source for the claim in the Bloombag article:
http://www.democraticunderground.com/?com=view_post&forum=1014&pid=778341
p.s. FUD = Fear, Uncertainty and Doubt
MindMover
(5,016 posts)I would suggest you prove falsification of this information ... and stop calling FUD with no proof of your own ...
ucrdem
(15,512 posts)The burden is proof is on Bloombag and they failed to provide so much as a shred. Thus, FUD fail. The epic part is my contribution, I'll give you that.
MindMover
(5,016 posts)ucrdem
(15,512 posts)MindMover
(5,016 posts)ucrdem
(15,512 posts)They also presented their claims deceptively. The opinion that this failure is epic is mine, yes. But a failure to report honestly it is.
MindMover
(5,016 posts)ucrdem
(15,512 posts)not with deceptive references to its own misreporting.
MindMover
(5,016 posts)organization in American history, with maybe the CIA holding a close second ....
You are being an apologist for a highly disliked, distrusted, devious entity that really has little to no oversight ...
ucrdem
(15,512 posts)I suppose I'll be told next that it was all just a big misunderstanding.
MindMover
(5,016 posts)involvement in your life and the lives of every American ....
whatever your reasoning about this article, there is no justification for an agency of the USA being so totally above any law ....
ucrdem
(15,512 posts)MindMover
(5,016 posts)Where is your proof that it is false reporting ... ?
ucrdem
(15,512 posts)The NSA said in response to a Bloomberg News article that it wasnt aware of Heartbleed until the vulnerability was made public by a private security report. The agencys reported decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the governments top computer experts.
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
Articles reporting same found via Google search all point to this same Bloombag whopper as a source.
Epic FUD fail, and no this doesn't mean I heart the NSA.
http://www.democraticunderground.com/?com=edit&forum=1014&thread=778121&pid=778341
MindMover
(5,016 posts)Discredit, belittle, misinformation are all trademarks of the agency you are supporting ....
BlindTiresias
(1,563 posts)ucrdem
(15,512 posts)The simultaneous "discoveries" of this flaw seem to me suspicious, but interesting nonetheless.
blkmusclmachine
(16,149 posts)PSPS
(13,588 posts)Also notice the use of the noun "consumers."
I won't consider the NSA as trustworthy (or this as America anymore) until they raze the 240-acre hard drive in Utah.
pa28
(6,145 posts)At this point I just assume they are lying outright or lying by omission.
Pholus
(4,062 posts)1) We considered it a valuable feature, not a vulnerability.
2) We called it a way cooler codename, not some lame "Heartbleed."
3) April 2014 was the first time we heard the name "Heartbleed."
4) You guys are idiots, there is actually a bigger vulnerability that you haven't found yet.
It's simple to understand what they're saying if you read it as the ramblings of the world's largest sociopath.
PercievingBalance
(16 posts)That they capitalized on the vulnerability to keep America safe or that they didn't make us aware of the vulnerability when they supposedly found out about it?
neverforget
(9,436 posts)Kelvin Mace
(17,469 posts)until it has been officially denied.