by Mike Masnick
Tue, Apr 15th 2014 5:16am
Somewhat late to the game (by about a week), after the Heartbleed vulnerability was publicly revealed, and a few days after it was reported and denied that the NSA was already well aware of Heartbleed and exploiting it, the NSA has put out a one page PDF about Heartbleed. This seems like something of a too little, too late effort by the NSA to live up to its semi-promise of a "bias" towards revealing vulnerabilities over exploiting them. However, that leads to the simple question that plenty of people should be asking: given everything you've learned about the NSA recently (or, well, for years), would you trust the NSA's advice on how to deal with Heartbleed? Not that I think the NSA would publicly suggest anything bad, but at this point, the NSA has a serious trust problem in convincing anyone engaged in computer security that they have their best interests in mind.
If you liked this post, you may also be interested in...
- We Now Know The NSA And GCHQ Have Subverted Most (All?) Of The Digital World: So Why Can't We See Any Benefits?
- In Wake Of NSA Leaks, China Drops Major US Tech Companies From Its Approved Supplier List
- Here's 140 Fully-Redacted Pages Explaining How Much Snowden's Leaks Have Harmed The Nation's Security
- Gemalto: Ok, Yes, We Were Hacked, And Yes Some SIM Cards May Be Compromised, But Not Because Of Us
- NSA Director: If I Say 'Legal Framework' Enough, Will It Convince You Security People To Shut Up About Our Plan To Backdoor Encryption?