Nation & World News

NSA Denies It Knew About Heartbleed Bug Before It Was Made Public

By Eyder Peralta on April 11th, 2014

The National Security Agency says it did not know about a critical security bug until it became public earlier this month.

The NSA was responding to a report from Bloomberg that the agency had known about the vulnerability known as “Heartbleed” for two years and instead of alerting the tech community, it exploited the bug to “gather critical intelligence.”

Just to catch you up: The Heartbleed bug has led tech experts to call on Internet users worldwide to change the passwords they use on popular and sensitive sites, like that of their bank or email provider. As NPR’s Jeremy Bowers explained, the bug allowed an attacker to receive the encryption keys used to transmit information like your username and password. In other words, the bug allowed access to the “crown jewels.”

In a statement, the NSA said Bloomberg’s report was simply “wrong.” The U.S., the NSA said, would reveal this kind of vulnerability to developers if it ever came upon it. The statement goes on:

“The Federal government relies on OpenSSL to protect the privacy of users of government websites and other online services. This Administration takes seriously its responsibility to help maintain an open, interoperable, secure and reliable Internet. If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL.

“When Federal agencies discover a new vulnerability in commercial and open source software – a so-called ‘Zero day’ vulnerability because the developers of the vulnerable software have had zero days to fix it – it is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose.

“In response to the recommendations of the President’s Review Group on Intelligence and Communications Technologies, the White House has reviewed its policies in this area and reinvigorated an interagency process for deciding when to share vulnerabilities. This process is called the Vulnerabilities Equities Process. Unless there is a clear national security or law enforcement need, this process is biased toward responsibly disclosing such vulnerabilities.”

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

This entry was posted in News from NPR. Bookmark the permalink.

Comments are closed.

 

More Stories in News from NPR

A stone memorial, surrounded by flowers, has been placed near the site in the French Alps where a Germanwings passenger jet crashed on Tuesday (March 24, 2015). Investigators believe the jet's co-pilot brought it down deliberately.

Germanwings Crash: ‘Suicide’ Doesn’t Seem To Tell The Story

Though investigators say it looks like the co-pilot deliberately brought down the jet, killing himself and 149 others, there are reasons not to use that word.


Amanda Knox prepares to leave the set following a television interview on Jan. 31, 2014.

Italy’s Highest Court Overturns Amanda Knox Conviction

The decision puts an end to a story that began in 2009 when Knox was found guilty of murdering 21-year-old Meredith Kirchner two years earlier.


Daily traffic in Havana resembles a vintage car rally, even if does share the city streets these days Hyundais and Peugeots and rattletrap Russian Ladas.

Nostalgic Cars: Sour Automotive Fruit Of Cuban Embargo Gets New Life

In Havana, Cuba, the old cars that crowd the streets used to symbolize a stagnant nation. Now enterprising Cubans have begun renting cars out to tourists who are hungry for the cars of their youth.


Thai Prime Minister Gen. Prayuth Chan-ocha attending the East Asia summit plenary session at Myanmar International Convention Center in Naypyitaw, Myanmar, in November.

Thai Ruler Says He’s Prepared To End Martial Law

Prime Minister Gen. Prayuth Chan-ocha, who seized power last May, says he will lift martial law and replace it with a constitutional provision that gives him the very same powers.


Israeli Prime Minister Benjamin Netanyahu speaks to supporters following the country's March 17 election. After a bruising campaign in which he faced considerable criticism, Netanyahu has taken a number of steps to try to ease tensions.

After A Tough Election, Israel’s Netanyahu Looks To Ease Tensions

The Israeli leader ruffled feathers during the bruising campaign. Since then, he has sought to make amends. In the latest move, Israel is handing over money it had withheld from the Palestinians.


Thank you for your support

WUFT depends on the support of our community — people like you — to help us continue to provide quality programming to North Central Florida.
Become a Sustainer
I want to support FM 89.1/NPR
I want to support Florida's 5/PBS
Donate a Vehicle
Underwriting Payments