Heartbleed, the enormous security bug that could affect up to two-thirds of the internet, has left more than 500,000 websites exposed to attackers. And while many are worried their information was left vulnerable to criminal hackers, one security adviser believes the National Security Agency could well have been the true beneficiary of the flaw.
“This is an honest amateur programming mistake,” Sophos Security Senior Adviser Chet Wisniewski told BuzzFeed, noting that there is almost zero likelihood surveillance organizations were behind the flaw. “It sounds like somebody just hit the ‘enter’ key before completing their thought.”
That said, Wisniewski believes that if surveillance organizations like the NSA discovered the flaw before it became public, they wouldn’t hesitate to capitalize on it and certainly wouldn’t have notified programming communities.
“That’s exactly what the leaked NSA programs are supposed to do: Find the flaws, exploit them and never tell anyone,” he said. Full story...
Related posts:
“This is an honest amateur programming mistake,” Sophos Security Senior Adviser Chet Wisniewski told BuzzFeed, noting that there is almost zero likelihood surveillance organizations were behind the flaw. “It sounds like somebody just hit the ‘enter’ key before completing their thought.”
That said, Wisniewski believes that if surveillance organizations like the NSA discovered the flaw before it became public, they wouldn’t hesitate to capitalize on it and certainly wouldn’t have notified programming communities.
“That’s exactly what the leaked NSA programs are supposed to do: Find the flaws, exploit them and never tell anyone,” he said. Full story...
Related posts:
- Heartbleed: Moving toward government control of the internet...
- Social media: Weapon of PsyWar and you’re the target...
- The corporate state of surveillance...
- Edward Snowden's not the story. The fate of the internet is...
- Google's spymasters are now worried about your secrets...
- The worldwide surveillance and privacy war (which you already lost)
No comments:
Post a Comment