Nation & World News

NSA Denies It Knew About Heartbleed Bug Before It Was Made Public

By Eyder Peralta on April 11th, 2014

The National Security Agency says it did not know about a critical security bug until it became public earlier this month.

The NSA was responding to a report from Bloomberg that the agency had known about the vulnerability known as “Heartbleed” for two years and instead of alerting the tech community, it exploited the bug to “gather critical intelligence.”

Just to catch you up: The Heartbleed bug has led tech experts to call on Internet users worldwide to change the passwords they use on popular and sensitive sites, like that of their bank or email provider. As NPR’s Jeremy Bowers explained, the bug allowed an attacker to receive the encryption keys used to transmit information like your username and password. In other words, the bug allowed access to the “crown jewels.”

In a statement, the NSA said Bloomberg’s report was simply “wrong.” The U.S., the NSA said, would reveal this kind of vulnerability to developers if it ever came upon it. The statement goes on:

“The Federal government relies on OpenSSL to protect the privacy of users of government websites and other online services. This Administration takes seriously its responsibility to help maintain an open, interoperable, secure and reliable Internet. If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL.

“When Federal agencies discover a new vulnerability in commercial and open source software – a so-called ‘Zero day’ vulnerability because the developers of the vulnerable software have had zero days to fix it – it is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose.

“In response to the recommendations of the President’s Review Group on Intelligence and Communications Technologies, the White House has reviewed its policies in this area and reinvigorated an interagency process for deciding when to share vulnerabilities. This process is called the Vulnerabilities Equities Process. Unless there is a clear national security or law enforcement need, this process is biased toward responsibly disclosing such vulnerabilities.”

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

This entry was posted in News from NPR. Bookmark the permalink.

Comments are closed.

 

More Stories in News from NPR

A Milwaukee prosecutor says no charges will be filed against a police officer who shot and killed Donte Hamilton in April. Here, Maria Hamilton holds posters used in rallies that vent frustrations about the death of her son.

Milwaukee Prosecutor Won’t Seek Charges In Police Shooting

Officer Christopher Manney was attempting to frisk Dontre Hamilton when he woke up and grabbed the officer’s baton. Manney shot Hamilton 14 times.


Games of Thrones' author George R.R. Martin

Book News: George R.R. Martin Rails Against Sony’s ‘Corporate Cowardice’

The Game of Thrones author has blasted the studio for canceling its release of The Interview, offering to screen the film himself at his own movie theater.


Pope Francis delivers his message during a meeting with cardinals and bishops of the Curia at the Vatican on Monday. The pope said the Curia suffered from "spiritual Alzheimer's"  and careerism.

Pope Francis, At Christmas Gathering, Blasts Vatican’s Bureaucrats

He accused the Curia, which oversees the world’s 1.2 billion Catholics, of “spiritual Alzheimer’s” and careerism. Francis has made reforming the Vatican a major part of his agenda.


A supporter of newly elected Tunisian presidential candidate Beji Caid Essibsi flashes the V-sign from a car as they celebrate the first results of the Tunisian elections in Sousse, Tunisia.

Tunisian Election Puts Former Regime Figure In Presidency

Nearly four years after the Arab Spring began, Tunisian voters elected Beji Caid Essebsi, a veteran of the country’s autocratic regimes.


People sing as they take part in a prayer vigil at the site where two police officers were shot to death in the Brooklyn borough of New York this weekend.

NYC Police Deaths: Details On Suspect; Rift Between Mayor And Police

New York Police Commissioner Bill Bratton says tensions in the city are at their worst since the 1970s. He spoke two days after Ismaaiyl Brinsley shot and killed two police officers in New York.


Thank you for your support

WUFT depends on the support of our community — people like you — to help us continue to provide quality programming to North Central Florida.
Become a Sustainer
I want to support FM 89.1/NPR
I want to support Florida's 5/PBS
Donate a Vehicle
Day Sponsorship Payments
Underwriting Payments