AnCaps
ANARCHO-CAPITALISTS
Bitch-Slapping Statists For Fun & Profit Based On The Non-Aggression Principle
 
HomePortalGalleryRegisterLog in

 :: Anarcho-Capitalist Categorical Imperatives :: AnCaps In Science, Technology & Environment
 

 NSA exploited Heartbleed for two years claim insiders

View previous topic View next topic Go down 
AuthorMessage
CovOps

CovOps

Female Location : Ether-Sphere
Job/hobbies : Irrationality Exterminator
Humor : Über Serious

NSA exploited Heartbleed for two years claim insiders Vide
PostSubject: NSA exploited Heartbleed for two years claim insiders    NSA exploited Heartbleed for two years claim insiders Icon_minitimeSat Apr 12, 2014 8:15 pm
The NSA has not only known about the Heartbleed bug for at least two years, but exploited it in regular surveillance attacks, insider sources have alleged, opting to keep the security flaw a secret because of its value to intelligence gathering. Heartbleed, which has forced companies big and small to update the security of their sites after a flaw in the SSL believed to be keeping users' details safe, has prompted a mass change in passwords over the past week.

NSA exploited Heartbleed for two years claim insiders Heartbleed1-820x420

That flaw could have been identified and patched years ago, Bloomberg sources claim, but instead the US National Security Agency opted to keep details of the exploit to itself.

Insight on exactly how the NSA supposedly used Heartbleed is scant, with only two "familiar with the matter" piping up. However, possibilities include grabbing user passwords and other information, and thus being able to spy on web use.

The NSA has declined to comment on whether it knew about, or used, the exploit. However, debate over whether the surveillance agency was right to stockpile its backdoor access or should have stepped forward to identify it is already underway.

On the one hand, by opting to keep Heartbleed secret, the NSA has left millions of internet users - a sizable proportion of them the American citizens its mission is to protect - at risk of hacks. According to one source, the NSA's team of over 1,000 experts spotted the bug's potential "shortly after its introduction."

Heartbleed was then added to the NSA's core toolkit of data acquisition tools, it's said.

The other side of the argument is that identifying and utilizing exploits is a key aspect of the NSA's role, even given that role's classification as "defense", and that critics of the agency's behavior are mistakenly assigning it responsibilities actually held by different government divisions.

US-CERT, for instance - the United States Computer Emergency Readiness Team - has "responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world" as its remit.

Either way, Heartbleed is out in the open now, with dozens of sites announcing that they have patched the flaw over the past few days. Fixing your own internet security is also straightforward, though how many will actually change their passwords and follow the general good-practice advice remains to be seen.

http://www.slashgear.com/nsa-exploited-heartbleed-for-two-years-claim-insiders-11324807/
Back to top Go down
 

NSA exploited Heartbleed for two years claim insiders

View previous topic View next topic Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
 :: Anarcho-Capitalist Categorical Imperatives :: AnCaps In Science, Technology & Environment-
 :: 

Anarcho-Capitalist Categorical Imperatives

 :: 

AnCaps In Science, Technology & Environment
Index, Portal, Induct Yourself Here, Forum Technical Non-Assistance, Philosophy & Religion, Realpolitik Statism & Bureaucracy, Law & Order, Rights Individualism & Lifestyles, Laissez-faire Free Trade Zone, Science Technology & Environment, Psychology Edumbcation & IndoctriNation, Culture & Art, Ancapdemia's Ebony Basement, High Octane One-on-One Debate, Celebrate Evildoers' Inadvertent Contributions to Ancap Values, Idiot of the Week Award Nominees Are, Humor, Freestyle Miscellaneous, Ancaps Emporium, OZschwitz Slave Pen Downunder Boutique, Anarcho-Capitalists,AnCaps Forum,Anti-State,Anti-Statist,Inalienable Rights Defenders,Non-Aggression Principle,Non-Initiation of Force Principle,Rothbardians,Anarchist,Capitalist,objectivism,Ayn Rand,Anarcho-Capitalism,Anarcho-Capitalist,politics,libertarianism,Ancap Forum,Anarchist Forum,Vulgar Libertarians,Hippies of The Right,Forum for Anarcho-Capitalist,Forum for Anarcho-Capitalists,Forum for AnCap,Forum for AnCaps,Libertarian,Anarcho-Objectivist,Freedom, Laissez Faire, Free Trade, Black Market, Randroid, Randroids, Rothbardian, AynArchist,Anarcho-Capitalist Forum, Anarchism, Anarchy, Free Market Anarchism, Free Market Anarchy, Market Anarchy, Market Anarchism, Volunteerism, Libertarian anarchism,
Create free forum | Society and Culture | Politics | ©phpBB | Free forum support | Report an abuse | Forumotion.com