The bug... More info.
Christopher J. Walters
cwal989 at comcast.net
Mon Apr 14 20:24:20 CEST 2014
The discussion on the Heatbleed bug has apparently stopped here, and just about
everywhere else, but I found (courtesy of another mailing list), some more
reports on it, that you may have not seen. These reports suggest the the NSA
knew about and exploited the bug for "at least" two years, and may have even
worked to stop it from being reported and fixed.
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
Shorter link to the above article:
http://tinyurl.com/mq8owa2
Also,
http://www.sfgate.com/opinion/editorials/article/Encryption-security-compromised-in-a-heartbeat-5396510.php
Shorter link to the above article:
http://tinyurl.com/kmmqkfv
The NSA, or course, denies any knowledge, or exploitation of the bug, but you
can read the article and make your own decisions on that.
Chris
More information about the Gnupg-users
mailing list